CSIRO's Data61 creates voice spoofing prevention measure
CSIRO’s Data61 has developed a new technique to prevent voice spoofing attacks — in which fraudsters record and imitate people when using technologies, like Amazon Alexa or Google Assistant.
Hackers have been known to spoof these systems in a bid to make fraudulent online purchases, access banking services, send messages or make phone calls.
The new solution, known as Void (Voice liveness detection), works by identifying differences in spectral power between a live human voice and a voice replayed through a speaker. It can be embedded in a smartphone or voice assistant software and detect when a hacker is at play, with up to 99% accuracy.
Muhammad Ejaz Ahmed, Cybersecurity Research Scientist at CSIRO’s Data61, said privacy preserving technologies are becoming increasingly important as voice assistant technologies become more pervasive. By 2023, as many as 275 million voice assistant devices will be used to control homes globally — a growth of 1000% since 2018.
“Voice spoofing attacks can be used to make purchases using a victim’s credit card details, control Internet of Things-connected devices like smart appliances, and give hackers unsolicited access to personal consumer data such as financial information, home addresses and more,” said Ahemd.
“Although voice spoofing is known as one of the easiest attacks to perform, as it simply involves a recording of the victim’s voice, it is incredibly difficult to detect because the recorded voice has similar characteristics to the victim’s live voice.
“Void is game changing technology that allows for more efficient and accurate detection, helping to prevent people’s voice commands from being misused.”
Void differs from other voice spoofing techniques, which typically use deep learning models. Instead Void uses insights from spectrograms — a visual representation of the spectrum of frequencies of a signal over time.
By using this technique, Void can detect an attack eight times faster than a technology based on deep learning. It is also a lighter-weight solution in that it uses 152 times less memory, making it suitable for smart device integration.
CrowdStrike to buy Adaptive Shield
CrowdStrike is augmenting its SaaS security capabilities through the acquisition of Israeli-based...
LockBit named nastiest malware of 2024
LockBit, a ransomware malware known to have been used to attack Australian targets, has been...
Extreme Networks launches ZTNA solution
Extreme Networks' new ExtremeCloud Universal ZTNA solution combines cloud network access...
