Advisor Information
Dr. George Grispos
Location
UNO Criss Library, Room 249
Presentation Type
Oral Presentation
Start Date
2-3-2018 10:00 AM
End Date
2-3-2018 10:15 AM
Abstract
The prolific integration of Internet-of-Things (IoT) devices into our homes is continuously generating discussions surrounding the security and privacy of these devices. One device that has received particular attention in the past few years is the Amazon Alexa, a ‘personal assistant’ IoT device, which listens to user commands and performs certain actions. According to Amazon, “millions of Alexa devices” were sold in the 2017 Holiday period alone [1]. However, the continuous amalgamation of technology has prompted the idea that many digital devices, through their overall functionality, could be utilized by cybercriminals to digitally intrude into our personal lives [2]. Hence, this research presents the idea that the Amazon Alexa records and listens to conversations that do not involve her command to ‘wake-up’, therefore breaching a user’s privacy within their own home. The contribution of this research is twofold. First, it attempts to identify through an analysis of a smartphone device used to interact with Alexa, whether Alexa contains an ‘always on’ feature that is listening to conversations that do not involve her command. Second, it provides an initial discussion into the forensic investigation challenges involved with examining Alexa, should the device be exploited by cybercriminals.
References
[1] TechCrunch (2017) “Amazon sold ‘millions’ of Alexa devices over the holiday shopping weekend”, Available online: https://techcrunch.com/2017/11/28/amazon-sold-millions-of-alexa-devices-over-the-holiday-shopping-weekend/
[2] G. Grispos, W.B. Glisson, J.H. Pardue and M. Dickson (2014). Identifying User Behavior from Residual Data in Cloud-based Synchronized Apps. Conference on Information Systems Applied Research (CONISAR 2014), 6-9 November 2014, Baltimore Maryland, USA.
Files over 3MB may be slow to open. For best results, right-click and select "save as..."
Included in
Amazon Alexa: The Best Personal Assistant or an Eavesdropping Witch
UNO Criss Library, Room 249
The prolific integration of Internet-of-Things (IoT) devices into our homes is continuously generating discussions surrounding the security and privacy of these devices. One device that has received particular attention in the past few years is the Amazon Alexa, a ‘personal assistant’ IoT device, which listens to user commands and performs certain actions. According to Amazon, “millions of Alexa devices” were sold in the 2017 Holiday period alone [1]. However, the continuous amalgamation of technology has prompted the idea that many digital devices, through their overall functionality, could be utilized by cybercriminals to digitally intrude into our personal lives [2]. Hence, this research presents the idea that the Amazon Alexa records and listens to conversations that do not involve her command to ‘wake-up’, therefore breaching a user’s privacy within their own home. The contribution of this research is twofold. First, it attempts to identify through an analysis of a smartphone device used to interact with Alexa, whether Alexa contains an ‘always on’ feature that is listening to conversations that do not involve her command. Second, it provides an initial discussion into the forensic investigation challenges involved with examining Alexa, should the device be exploited by cybercriminals.
References
[1] TechCrunch (2017) “Amazon sold ‘millions’ of Alexa devices over the holiday shopping weekend”, Available online: https://techcrunch.com/2017/11/28/amazon-sold-millions-of-alexa-devices-over-the-holiday-shopping-weekend/
[2] G. Grispos, W.B. Glisson, J.H. Pardue and M. Dickson (2014). Identifying User Behavior from Residual Data in Cloud-based Synchronized Apps. Conference on Information Systems Applied Research (CONISAR 2014), 6-9 November 2014, Baltimore Maryland, USA.