Security for IoT home voice assistants
First Claim
1. A computer-implemented method for implementing a security policy with a voice assistant, the method being performed by one or more computing devices, each comprising one or more processors, the method comprising:
- obtaining, by the one or more computing devices, encrypted traffic from the voice assistant;
obtaining, by the one or more computing devices, an audio recording of the user voice command with a microphone built into the one or more computing devices;
generating, by the one or more computing devices, a library of one or more identifiable attributes of the user voice command based at least in part on analysis of the encrypted traffic generated by the voice assistant and at least in part on analysis of the audio recording over a period of time;
identifying, by the one or more computing devices, the user voice command in the encrypted traffic obtained by the one or more computing devices based at least in part on the one or more identifiable attributes of the encrypted traffic;
determining, by the one or more computing devices, the user voice command triggers at least one security policy; and
upon determining the user voice command triggers the at least one security policy, performing, by the one or more computing devices, a security action that implements the at least one security policy.
5 Assignments
0 Petitions
Accused Products
Abstract
A method for implementing security of Internet of Things (IoT) home voice assistants is described. In one embodiment, a computer-implemented method for implementing a security policy with a voice assistant includes obtaining, by one or more computing devices, encrypted traffic from a voice assistant; identifying, by the one or more computing devices, a user voice command in the encrypted traffic based at least in part on one or more identifiable attributes of the encrypted traffic; determining, by the one or more computing devices, the user voice command triggers at least one security policy; and upon determining the user voice command triggers the at least one security policy, performing, by the one or more computing devices, a security action that implements the at least one security policy. In some cases, the method may include obtaining an audio recording of the user voice command with a microphone built into the router.
25 Citations
18 Claims
-
1. A computer-implemented method for implementing a security policy with a voice assistant, the method being performed by one or more computing devices, each comprising one or more processors, the method comprising:
-
obtaining, by the one or more computing devices, encrypted traffic from the voice assistant; obtaining, by the one or more computing devices, an audio recording of the user voice command with a microphone built into the one or more computing devices; generating, by the one or more computing devices, a library of one or more identifiable attributes of the user voice command based at least in part on analysis of the encrypted traffic generated by the voice assistant and at least in part on analysis of the audio recording over a period of time; identifying, by the one or more computing devices, the user voice command in the encrypted traffic obtained by the one or more computing devices based at least in part on the one or more identifiable attributes of the encrypted traffic; determining, by the one or more computing devices, the user voice command triggers at least one security policy; and upon determining the user voice command triggers the at least one security policy, performing, by the one or more computing devices, a security action that implements the at least one security policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A computing device configured for implementing a security policy with a voice assistant, comprising:
-
a processor; memory in electronic communication with the processor, wherein the memory stores computer executable instructions that when executed by the processor cause the processor to perform the steps of; obtaining encrypted traffic from a voice assistant; obtaining an audio recording of the user voice command with a microphone built into the computing device; generating a library of one or more identifiable attributes of the user voice command based at least in part on analysis of the encrypted traffic generated by the voice assistant and at least in part on analysis of the audio recording over a period of time; identifying the user voice command in the encrypted traffic obtained by the computing device based at least in part on the one or more identifiable attributes of the encrypted traffic; determining the user voice command triggers at least one security policy; and upon determining the user voice command triggers the at least one security policy, performing a security action that implements the at least one security policy. - View Dependent Claims (14, 15, 16, 17)
-
-
18. A non-transitory computer-readable storage medium storing computer executable instructions that when executed by a processor cause the processor to perform the steps of:
-
obtaining encrypted traffic from a voice assistant; obtain an audio recording of the user voice command with a microphone built into one or more computing devices associated with the processor; generating a library of one or more identifiable attributes of the user voice command based at least in part on analysis of the encrypted traffic generated by the voice assistant and at least in part on analysis of the audio recording over a period of time; identifying a user voice command in the encrypted traffic obtained by the one or more computing devices based at least in part on one or more identifiable attributes of the encrypted traffic; determining the user voice command triggers at least one security policy; and upon determining the user voice command triggers the at least one security policy, performing a security action that implements the at least one security policy.
-
Specification