CSIRO's Data61 creates voice spoofing prevention measure
CSIRO’s Data61 has developed a new technique to prevent voice spoofing attacks — in which fraudsters record and imitate people when using technologies, like Amazon Alexa or Google Assistant.
Hackers have been known to spoof these systems in a bid to make fraudulent online purchases, access banking services, send messages or make phone calls.
The new solution, known as Void (Voice liveness detection), works by identifying differences in spectral power between a live human voice and a voice replayed through a speaker. It can be embedded in a smartphone or voice assistant software and detect when a hacker is at play, with up to 99% accuracy.
Muhammad Ejaz Ahmed, Cybersecurity Research Scientist at CSIRO’s Data61, said privacy preserving technologies are becoming increasingly important as voice assistant technologies become more pervasive. By 2023, as many as 275 million voice assistant devices will be used to control homes globally — a growth of 1000% since 2018.
“Voice spoofing attacks can be used to make purchases using a victim’s credit card details, control Internet of Things-connected devices like smart appliances, and give hackers unsolicited access to personal consumer data such as financial information, home addresses and more,” said Ahemd.
“Although voice spoofing is known as one of the easiest attacks to perform, as it simply involves a recording of the victim’s voice, it is incredibly difficult to detect because the recorded voice has similar characteristics to the victim’s live voice.
“Void is game changing technology that allows for more efficient and accurate detection, helping to prevent people’s voice commands from being misused.”
Void differs from other voice spoofing techniques, which typically use deep learning models. Instead Void uses insights from spectrograms — a visual representation of the spectrum of frequencies of a signal over time.
By using this technique, Void can detect an attack eight times faster than a technology based on deep learning. It is also a lighter-weight solution in that it uses 152 times less memory, making it suitable for smart device integration.
Employees are more conscious of cybersecurity, but their limited understanding makes them flout...
The Privacy Act 2020 promises to be more proactive and less reactive than its 27-year-old...
The federal government funding will produce a threat intelligence-sharing network, sector-wide...