English

Nonsense Attacks on Google Assistant

Cryptography and Security 2018-08-07 v1

Abstract

This paper presents a novel attack on voice-controlled digital assistants using nonsensical word sequences. We present the results of experimental work which demonstrates that it is possible for malicious actors to gain covert access to a voice-controlled system by hiding commands in apparently nonsensical sounds of which the meaning is opaque to humans. Several instances of nonsensical word sequences were identified which triggered a target command in a voice-controlled digital assistant, but which were incomprehensible to humans, as shown in tests with human experimental subjects. Our work confirms the potential for hiding malicious voice commands to voice-controlled digital assistants or other speech-controlled devices in speech sounds which are perceived by humans as nonsensical.

Keywords

Cite

@article{arxiv.1808.01947,
  title  = {Nonsense Attacks on Google Assistant},
  author = {Mary K. Bispham and Ioannis Agrafiotis and Michael Goldsmith},
  journal= {arXiv preprint arXiv:1808.01947},
  year   = {2018}
}
R2 v1 2026-06-23T03:25:36.736Z