CSIRO's Data61 creates voice spoofing prevention measure

By Amy Sarcevic
Tuesday, 23 June, 2020

CSIRO's Data61 creates voice spoofing prevention measure

CSIRO’s Data61 has developed a new technique to prevent voice spoofing attacks — in which fraudsters record and imitate people when using technologies, like Amazon Alexa or Google Assistant.

Hackers have been known to spoof these systems in a bid to make fraudulent online purchases, access banking services, send messages or make phone calls.

The new solution, known as Void (Voice liveness detection), works by identifying differences in spectral power between a live human voice and a voice replayed through a speaker. It can be embedded in a smartphone or voice assistant software and detect when a hacker is at play, with up to 99% accuracy.

Muhammad Ejaz Ahmed, Cybersecurity Research Scientist at CSIRO’s Data61, said privacy preserving technologies are becoming increasingly important as voice assistant technologies become more pervasive. By 2023, as many as 275 million voice assistant devices will be used to control homes globally — a growth of 1000% since 2018.

“Voice spoofing attacks can be used to make purchases using a victim’s credit card details, control Internet of Things-connected devices like smart appliances, and give hackers unsolicited access to personal consumer data such as financial information, home addresses and more,” said Ahemd.

“Although voice spoofing is known as one of the easiest attacks to perform, as it simply involves a recording of the victim’s voice, it is incredibly difficult to detect because the recorded voice has similar characteristics to the victim’s live voice.

“Void is game changing technology that allows for more efficient and accurate detection, helping to prevent people’s voice commands from being misused.”

Void differs from other voice spoofing techniques, which typically use deep learning models. Instead Void uses insights from spectrograms — a visual representation of the spectrum of frequencies of a signal over time.

By using this technique, Void can detect an attack eight times faster than a technology based on deep learning. It is also a lighter-weight solution in that it uses 152 times less memory, making it suitable for smart device integration.

Image credit: ©stock.adobe.com/au/lassedesignen

Related News

US issues warrants for five alleged APT41 members

The US Department of Justice has issued warrants for five alleged members of the APT41 cybercrime...

Evolving threat landscape a concern for cybersecurity analysts

A survey by Gartner has found that cybersecurity analysts are concerned about the rapidly...

Gartner: Businesses must balance risk, trust and opportunity

Security and risk leaders have been advised to balance risk, trust and opportunity to help their...

  • All content Copyright © 2020 Westwick-Farrow Pty Ltd