With the rise of smart and connected systems, everyday devices like in-home thermostats or doorbell cameras, personal devices like cell phones or smart watches, environmental or industrial sensors, powerful computer systems in the cloud, and vehicles are becoming smarter and more connected. These networked systems collect and communicate a wealth of sensory and usage data to enable better user experience, provide safety, improve quality of life, and increase efficiency. There are two core challenges related to the design, development, and deployment of these systems: How to provide robust communication and networking schemes, and how to enable secure and private data access and exchange. Research in this area addresses these challenges through the design and analysis of transmitter and receiver devices, communication channels and links, encoding and decoding schemes, routing protocols, privacy-preserving systems, and authentication mechanisms. This research enables faster, more reliable, and more efficient device-to-device communication as well as secure and private user-device interactions across distances ranging from millimeters to hundreds or thousands of kilometers. The research in this area spans foundational concepts and techniques, algorithms and data processing, and experimentation using prototypes and testbeds.
Graduate student Shimaa Ahmed is preparing to perform a physical attack on a speaker identification system. Speaker identification systems use a voice print to authenticate users. Such systems are vulnerable to impersonation attacks, mainly in the digital domain. At UW-ECE, we are studying the robustness of voice-based authentication systems to physical attacks, which are those that use only physical objects. Our attack employs a tube as an acoustic resonator, which shapes the attacker’s voice and impersonates the victim speaker. This analog attack has an added “benefit” – it evades the synthetic speech detection systems. Our research shows that voice-based identification is vulnerable to a new paradigm of attacks and should not be utilized in security-critical applications.