loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Borna Kalhor 1 and Sanchari Das 2

Affiliations: 1 Department of Computer Engineering, Ferdowsi University of Mashhad, Mashhad, Iran ; 2 Department of Computer Science, University of Denver, Denver, Colorado, U.S.A.

Keyword(s): Virtual Assistants, Privacy and Security, Vulnerability Analysis, Voice Assistants, Security Evaluation.

Abstract: Virtual assistants (VAs) have seen increased use in recent years due to their ease of use for daily tasks. Despite their growing prevalence, their security and privacy implications are still not well understood. To address this gap, we conducted a study to evaluate the security and privacy postures of eight widely used voice assistants: Alexa, Braina, Cortana, Google Assistant, Kalliope, Mycroft, Hound, and Extreme. We used three vulnerability testing tools—AndroBugs, RiskInDroid, and MobSF—to assess the security and privacy of these VAs. Our analysis focused on five areas: code, access control, tracking, binary analysis, and sensitive data confidentiality. The results revealed that these VAs are vulnerable to a range of security threats, including not validating SSL certificates, executing raw SQL queries, and using a weak mode of the AES algorithm. These vulnerabilities could allow malicious actors to gain unauthorized access to users’ personal information. This study is a first st ep toward understanding the risks associated with these technologies and provides a foundation for future research to develop more secure and privacy-respecting VAs. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.191.212.95

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Kalhor, B. and Das, S. (2024). Evaluating the Security and Privacy Risk Postures of Virtual Assistants. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-683-5; ISSN 2184-4356, SciTePress, pages 154-161. DOI: 10.5220/0012389500003648

@conference{icissp24,
author={Borna Kalhor. and Sanchari Das.},
title={Evaluating the Security and Privacy Risk Postures of Virtual Assistants},
booktitle={Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP},
year={2024},
pages={154-161},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012389500003648},
isbn={978-989-758-683-5},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP
TI - Evaluating the Security and Privacy Risk Postures of Virtual Assistants
SN - 978-989-758-683-5
IS - 2184-4356
AU - Kalhor, B.
AU - Das, S.
PY - 2024
SP - 154
EP - 161
DO - 10.5220/0012389500003648
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic