VoiceListener: A Training-free and Universal Eavesdropping Attack on Built-in Speakers of Mobile Devices
Published in Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies (IMWUT), 2023
Recommended citation: Lei Wang, Meng Chen, Li Lu*, Zhongjie Ba, Feng Lin, Kui Ren. "VoiceListener: A Training-free and Universal Eavesdropping Attack on Built-in Speakers of Mobile Devices." Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies (IMWUT). 7(1), pp. 32:1-32:22. Cancun, Mexico. 2023. doi: 10.1145/3580789.
Proceedings of ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies is the premier international journal in ubiquitous computing, which was previously the top ranked international conference ACM UbiComp. ACM UbiComp is a CCF-A conference.
Code Availability: https://github.com/zju-muslab/VoiceListener.
Abstract: Recently, voice leakage gradually raises more significant concerns of users, due to its underlying sensitive and private information when providing intelligent services. Existing studies demonstrate the feasibility of applying learning-based solutions on built-in sensor measurements to recover voices. However, due to the privacy concerns, large-scale voices-sensor measurements samples for model training are not publicly available, leading to significant efforts in data collection for such an attack. In this paper, we propose a training-free and universal eavesdropping attack on built-in speakers, VoiceListener, which releases the data collection efforts and is able to adapt to various voices, platforms, and domains. In particular, VoiceListener develops an aliasing-corrected super resolution mechanism, including an aliasing-based pitch estimation and an aliasing-corrected voice recovering, to convert the undersampled narrow-band sensor measurements to wide-band voices. Extensive experiments demonstrate that our proposed VoiceListener could accurately recover the voices from undersampled sensor measurements and is robust to different voices, platforms and domains, realizing the universal eavesdropping attack.