Security Assessment of Alexa

24 April 2020
An overall security evaluation of Amazon Alexa (dissertation)

This was my 3rd year individual project, also known as my undergraduate dissertation. My task was to conduct an overall security assessment of Amazon Alexa which is one of the most popular voice-activated smart assistants on the market.

Abstract

Abstract from the report:

Voice-activated virtual assistants, such as Amazon Alexa, Apple’s Siri and Google Assistant, are making their way into more and more households around the world as they are easy to use and provide a lot of functionality to help users on their daily basis – all while maintaining a friendly and non-robotic charisma. However, the growing awareness of their “always-listening” nature is instilling distrust in people making them shy away from using a virtual assistant. I focused on one of the most widely used smart assistants – Amazon Alexa. The aim of this report is to provide an overall security assessment of Alexa by considering all of its components and subsystems. I enumerate and extend all known attacks on Alexa as well as present new ways of exploiting its vulnerabilities. Namely, I show how users can be tricked into revealing their personal information to a seemingly innocent skill and how their credentials can be phished through a spoofed login page. I also show how all Echo and Echo Dot devices sold from 2nd hand can be compromised to obtain users’ private conversations. I performed a structured risk assessment of all attacks to show that the “always-listening” nature of Alexa is not by far the biggest privacy concern. Rather, I find that the root of many attacks lies in a flawed vetting process and, as unfortunately is the case in many software systems, the users themselves.

Process

I followed a structured CREST-PTES testing framework throughout the project in order to produce reliable results.

My first step was to prepare the testing environment, research what flaws have already been discovered in Alexa, and compile a requirements specification. In order to deem Alexa a secure system all of these requirements would have to be met. An important part of this step was also the system reconnaissance which helped me discover potentially flawed features, such as an unprotected WiFi hotspot during setup and easy disassembly and re-assembly of an Echo Dot.

The second step was to systematically identify and exploit vulnerabilities and provide a description of each of these attacks.

The last step was to conduct a risk assessment following the OWASP Risk Rating Methodology, which would give a uniform and objective estimate of how secure Alexa really is. This was followed by summarising the possible mitigation procedures and providing some new ones.
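How the OWASP Risk Rating Methodology turns factor scores into an overall severity, as an added example that is not taken from the report. The two scenario names and all factor scores are constructed for illustration and are not the dissertation's ratings.

```python
from statistics import mean

def level(score):
    """OWASP bands: 0 to <3 LOW, 3 to <6 MEDIUM, 6 to 9 HIGH."""
    if not 0 <= score <= 9:
        raise ValueError("factor scores must lie in 0-9")
    return "LOW" if score < 3 else "MEDIUM" if score < 6 else "HIGH"

# Overall severity matrix from the methodology: SEVERITY[impact][likelihood].
SEVERITY = {
    "HIGH":   {"LOW": "Medium", "MEDIUM": "High",   "HIGH": "Critical"},
    "MEDIUM": {"LOW": "Low",    "MEDIUM": "Medium", "HIGH": "High"},
    "LOW":    {"LOW": "Note",   "MEDIUM": "Low",    "HIGH": "Medium"},
}

def rate(threat_agent, vulnerability, technical, business=None):
    """Each argument holds four factor scores (0-9), in the methodology's order.

    Likelihood averages the threat-agent and vulnerability factors. Impact uses
    the business factors when they are known, otherwise the technical ones.
    """
    impact_factors = business if business is not None else technical
    for group in (threat_agent, vulnerability, impact_factors):
        if len(group) != 4 or not all(0 <= s <= 9 for s in group):
            raise ValueError("expected four scores in 0-9")
    likelihood = mean(list(threat_agent) + list(vulnerability))
    impact = mean(impact_factors)
    return {
        "likelihood": (likelihood, level(likelihood)),
        "impact": (impact, level(impact)),
        "severity": SEVERITY[level(impact)][level(likelihood)],
    }

# Constructed scores for illustration only, not the dissertation's ratings.
# Order: threat agent = skill level, motive, opportunity, size;
# vulnerability = ease of discovery, ease of exploit, awareness, intrusion detection;
# technical = loss of confidentiality, integrity, availability, accountability.
SCENARIOS = {
    "untargeted attack via a published skill": ([6, 4, 7, 9], [7, 5, 6, 8], [7, 1, 1, 7]),
    "attack on a device chosen in advance": ([6, 1, 0, 2], [3, 3, 4, 3], [7, 1, 1, 7]),
}

if __name__ == "__main__":
    for name, factors in SCENARIOS.items():
        print(name, rate(*factors))
```

With identical impact scores, the two constructed scenarios differ only in likelihood, which is enough to move the overall severity by two steps in the matrix.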

Main findings

Below I summarise the main findings of my work:

  • Voice recognition and understanding components are not perfect and can lead to erroneous transcriptions of the utterances which can trigger unwanted or even malicious skills.
  • Users often overestimate Alexa's capabilities. One such example is context switching which naturally occurs in human conversation (this is when the main topic of a conversation is briefly interrupted by one of the speakers, e.g. asking for the time and then continuing the conversation). Alexa is not capable of such context switching but a malicious skill could imitate such behaviour and trick users into revealing their private information.
  • Users are not aware of privacy and security controls currently available. Previous research shows that only a fraction of users use the mute button on Alexa devices, and that even fewer people are aware of how to properly manage their stored voice recordings. The LED ring on Alexa devices might also not always be a good indicator that something has happened because people often command their devices without looking at them.
  • Most high-severity attacks are executed through skills. A malicious skill is usually invoked when the command is incorrectly transcribed or interpreted. Such skills can then impersonate other legitimate skills or the Alexa service itself to deceive users into revealing their personal information.
  • Amazon's vetting process is flawed. Before a skill is posted onto the market it needs to undergo a vetting process by Amazon. However, other researchers have shown that there are many flaws in skills that this process cannot detect. Moreover, once the skill is already on the market, its developers can update it as many times as they want without having to pass the vetting process.
  • Attacks that require a target to be specified in advance are less feasible. It is very unlikely that an attacker would pick out a specific device to aim their attack at, as their profits are very small. There has been no evidence of targeted attacks so far.

Feel free to download the full report below: