Volume 15, Number 3
Near Ultrasonic Attack and Defensive Countermeasures
Authors
Forrest McKee and David Noever, PeopleTec, USA
Abstract
The practical implications of issuing inaudible voice commands. The research mapped each attack vector to a tactic or technique from the MITRE ATT&CK matrix, covering enterprise, mobile, and Industrial Control System (ICS) frameworks. The experiment involved generating and surveying fifty near-ultrasonic audios to assess the attacks' effectiveness. Unprocessed commands achieved a 100% success rate, while processed commands achieved an 86% acknowledgment rate and a 58% overall executed (successful) rate. The research systematically stimulated previously unaddressed attack surfaces, aiming for comprehensive detection and attack design. Each ATT&CK identifier was paired with a tested defensive method, providing attack and defense tactics. The research findings revealed that the attack method employed Single Upper Sideband Amplitude Modulation (SUSBAM) to generate near-ultrasonic audio from audible sources. By eliminating the lower sideband, the design achieved a 6 kHz minimum from 16-22 kHz while remaining inaudible after transformation. The research also investigated the one-to-many attack surface, exploring scenarios where a single device triggers multiple actions or devices. Furthermore, the study demonstrated the reversibility or demodulation of the inaudible signal, suggesting potential alerting methods and the possibility of embedding secret messages like audio steganography. A critical methodological advance included tapping into the postprocessed audio signal when the server demodulates the signal for comparison to both the audible and inaudible input signals to improve the actionable success rates.
Keywords
Cybersecurity, voice activation, digital signal processing, Internet of Things, ultrasonic audio