IUAC: Inaudible Universal Adversarial Attacks Against Smart Speakers

Intelligent voice systems are widely utilized to control smart home applications, which raises significant privacy and security concerns. Recent studies have revealed their vulnerability to adversarial attacks, replay attacks, and so on. However, these attacks rely on the victim's voice data. In our work, we investigate a stealthy and command-independent attack that does not necessitate collecting victims' voices. Our proposed attack, IUAC, misleads the voice system to go against the victim's will, regardless of the commands delivered. Our core concept is to train highly robust attack commands through the construction of diverse data, rendering the user's commands negligible. To achieve stealthy attacks, we leverage a high-frequency carrier to construct an inaudible universal adversarial command. Extensive experiments conducted with real-world datasets demonstrate that our attack system attains an average attack success rate of 96% while resisting environmental interference. Moreover, our attack success rate against real-world voice systems is 4.52× higher than the state-of-the-art. Finally, we propose an effective defense mechanism and provide experimental tests to validate its efficacy.