Smart home personal assistants : a security and privacy review

Edu, Jide S. and Such, Jose M. and Suarez-Tangil, Guillermo (2021) Smart home personal assistants : a security and privacy review. ACM Computing Surveys, 53 (6). pp. 1-36. 116. ISSN 1557-7341 (https://doi.org/10.1145/3412383)

[thumbnail of Edu-etal-ACMCS-2020-Smart-home-personal-assistants-a-security-and-privacy-review]
Preview
Text. Filename: Edu_etal_ACMCS_2020_Smart_home_personal_assistants_a_security_and_privacy_review.pdf
Accepted Author Manuscript
License: Strathprints license 1.0

Download (1MB)| Preview

Abstract

Smart Home Personal Assistants (SPA) are an emerging innovation that is changing the means by which home users interact with technology. However, several elements expose these systems to various risks: i) the open nature of the voice channel they use, ii) the complexity of their architecture, iii) the AI features they rely on, and iv) their use of a wide range of underlying technologies. This paper presents an in-depth review of SPA’s security and privacy issues, categorizing the most important attack vectors and their countermeasures. Based on this, we discuss open research challenges that can help steer the community to tackle and address current security and privacy issues in SPA. One of our key findings is that even though the attack surface of SPA is conspicuously broad and there has been a significant amount of recent research efforts in this area, research has so far focused on a small part of the attack surface, particularly on issues related to the interaction between the user and the SPA devices. To the best of our knowledge, this is the first article to conduct such a comprehensive review and characterization of the security and privacy issues and countermeasures of SPA.

ORCID iDs

Edu, Jide S. ORCID logoORCID: https://orcid.org/0000-0003-1325-8740, Such, Jose M. and Suarez-Tangil, Guillermo;