Misinformation in Third-party Voice Applications
Authors: 
Mary Bispham, Suliman Kalim Sattar, Clara Zard, Xavier Ferrer-Aran, Jide Edu, Guillermo Suarez-Tangil, Jose SuchAuthors Info & Claims
Mary Bispham, Suliman Kalim Sattar, Clara Zard, Xavier Ferrer-Aran, Jide Edu, Guillermo Suarez-Tangil, Jose SuchAuthors Info & ClaimsArticle No.: 53, Pages 1 - 6
Abstract
This paper investigates the potential for spreading misinformation via third-party voice applications in voice assistant ecosystems such as Amazon Alexa and Google Assistant. Our work fills a gap in prior work on privacy issues associated with third-party voice applications, looking at security issues related to outputs from such applications rather than compromises to privacy from user inputs. We define misinformation in the context of third-party voice applications and implement an infrastructure for testing third-party voice applications using automated natural language interaction. Using our infrastructure, we identify — for the first time — several instances of misinformation in third-party voice applications currently available on the Google Assistant and Amazon Alexa platforms. We then discuss the implications of our work for developing measures to pre-empt the threat of misinformation and other types of harmful content in third-party voice assistants becoming more significant in the future.
References
[1]
Noura Abdi, Kopo M Ramokapane, and Jose Such. 2019. More than smart speakers: security and privacy perceptions of smart home personal assistants. In Fifteenth Symposium on Usable Privacy and Security ({ SOUPS} 2019). 451–466.
[2]
Noura Abdi, Xiao Zhan, Kopo M Ramokapane, and Jose Such. 2021. Privacy Norms for Smart Home Personal Assistants. In Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems. 1–14.
[3]
Emily Couvillon Alagha and Rachel Renee Helbing. 2019. Evaluating the quality of voice assistants’ responses to consumer health questions about vaccines: an exploratory comparison of Alexa, Google Assistant and Siri. BMJ health & care informatics 26, 1 (2019), e100075.
[4]
Firoj Alam, Stefano Cresci, Tanmoy Chakraborty, Fabrizio Silvestri, Dimiter Dimitrov, Giovanni Da San Martino, Shaden Shaar, Hamed Firooz, and Preslav Nakov. 2021. A Survey on Multimodal Disinformation Detection. arXiv preprint arXiv:2103.12541 (2021).
[5]
Sotirios Antoniadis, Iouliana Litou, and Vana Kalogeraki. 2015. A model for identifying misinformation in online social networks. In OTM Confederated International Conferences" On the Move to Meaningful Internet Systems". Springer, 473–482.
[6]
Agathe Balayn, Jie Yang, Zoltan Szlavik, and Alessandro Bozzon. 2021. Automatic Identification of Harmful, Aggressive, Abusive, and Offensive Language on the Web: A Survey of Technical Biases Informed by Psychology Literature. ACM Transactions on Social Computing (TSC) 4, 3 (2021), 1–56.
[7]
Tom Bocklisch, Joey Faulkner, Nick Pawlowski, and Alan Nichol. 2017. Rasa: Open source language understanding and dialogue management. arXiv preprint arXiv:1712.05181 (2017).
[8]
Étienne Brown. 2021. Regulating the spread of online misinformation. In The Routledge Handbook of Political Epistemology. Routledge, 214–225.
[9]
Tanja Bunk, Daksh Varshneya, Vladimir Vlasov, and Alan Nichol. 2020. Diet: Lightweight language understanding for dialogue systems. arXiv preprint arXiv:2004.09936 (2020).
[10]
Long Cheng, Christin Wilson, Song Liao, Jeffrey Young, Daniel Dong, and Hongxin Hu. 2020. Dangerous skills got certified: Measuring the trustworthiness of skill certification in voice personal assistant platforms. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. 1699–1716.
[11]
Travis Coan, Constantine Boussalis, John Cook, and Mirjam Nanko. 2021. Computer-assisted detection and classification of misinformation about climate change. (2021).
[12]
Miles C Coleman. 2021. Leveraging the Rhetorical Energies of Machines: COVID-19, Misinformation, and Persuasive Labor. Human-Machine Communication 3, 1 (2021), 2.
[13]
Botambu Collins, Dinh Tuyen Hoang, Ngoc Thanh Nguyen, and Dosam Hwang. 2021. Trends in combating fake news on social media–a survey. Journal of Information and Telecommunication 5, 2 (2021), 247–266.
[14]
Henry Kudzanai Dambanemuya and Nicholas Diakopoulos. 2021. Auditing the Information Quality of News-Related Queries on the Alexa Voice Assistant. Proceedings of the ACM on Human-Computer Interaction 5, CSCW1 (2021), 1–21.
[15]
Marie-Catherine de Marneffe, Christopher D Manning, Joakim Nivre, and Daniel Zeman. 2021. Universal dependencies. Computational linguistics 47, 2 (2021), 255–308.
[16]
Jide Edu. 2022. Assessing and Measuring the Privacy Practices of Voice Assistant Applications. Ph. D. Dissertation. King’s College London.
[17]
Jide Edu, Xavier Ferrer-Aran, Jose Such, and Guillermo Suarez-Tangil. 2021. SkillVet: Automated Traceability Analysis of Amazon Alexa Skills. IEEE Transactions on Dependable and Secure Computing (2021).
[18]
Jide Edu, Xavier Ferrer-Aran, Jose Such, and Guillermo Suarez-Tangil. 2022. Measuring Alexa Skill Privacy Practices across Three Years. In Proceedings of the ACM Web Conference 2022 (Virtual Event, Lyon, France) (WWW ’22). Association for Computing Machinery, New York, NY, USA, 670–680. https://doi.org/10.1145/3485447.3512289
[19]
Jide Edu, Jose Such, and Guillermo Suarez-Tangil. 2020. Smart home personal assistants: a security and privacy review. ACM Computing Surveys (CSUR) 53, 6 (2020), 1–36.
[20]
John Ferrand, Ryli Hockensmith, Rebecca Fagen Houghton, and Eric R Walsh-Buhi. 2020. Evaluating Smart Assistant Responses for Accuracy and Misinformation Regarding Human Papillomavirus Vaccination: Content Analysis Study. Journal of Medical Internet Research 22, 8 (2020), e19018.
[21]
Zhixiu Guo, Zijin Lin, Pan Li, and Kai Chen. 2020. Skillexplorer: Understanding the behavior of skills in large scale. In 29th { USENIX} Security Symposium ({ USENIX} Security 20). 2649–2666.
[22]
Eslam Hussein, Prerna Juneja, and Tanushree Mitra. 2020. Measuring misinformation in video search platforms: An audit study on YouTube. Proceedings of the ACM on Human-Computer Interaction 4, CSCW1 (2020), 1–27.
[23]
Bahruz Jabiyev, Jeremiah Onaolapo, VT Burlington, Gianluca Stringhini, and Engin Kirda. [n. d.]. Game of FAME: Automatic Detection of FAke MEmes. ([n. d.]).
[24]
Lev Konstantinovskiy, Oliver Price, Mevan Babakar, and Arkaitz Zubiaga. 2021. Toward Automated Factchecking: Developing an Annotation Schema and Benchmark for Consistent Automated Claim Detection. Digital Threats: Research and Practice 2, 2 (2021), 1–16.
[25]
Deepak Kumar, Riccardo Paccagnella, Paul Murley, Eric Hennenfent, Joshua Mason, Adam Bates, and Michael Bailey. 2018. Skill squatting attacks on Amazon Alexa. In 27th { USENIX} Security Symposium ({ USENIX} Security 18). 33–47.
[26]
David MJ Lazer, Matthew A Baum, Yochai Benkler, Adam J Berinsky, Kelly M Greenhill, Filippo Menczer, Miriam J Metzger, Brendan Nyhan, Gordon Pennycook, David Rothschild, 2018. The science of fake news. Science 359, 6380 (2018), 1094–1096.
[27]
Christopher Lentzsch, Sheel Jayesh Shah, Benjamin Andow, Martin Degeling, Anupam Das, and William Enck. 2021. Hey Alexa, is this Skill Safe?: Taking a Closer Look at the Alexa Skill Ecosystem. In 28th Annual Network and Distributed System Security Symposium (NDSS 2021). The Internet Society.
[28]
Stephan Lewandowsky. 2021. Climate Change Disinformation and How to Combat It. Annual Review of Public Health 42 (2021), 1–21.
[29]
Fei Li and Hosagrahar V Jagadish. 2014. Constructing an interactive natural language interface for relational databases. Proceedings of the VLDB Endowment 8, 1 (2014), 73–84.
[30]
David Major, Danny Yuxing Huang, Marshini Chetty, and Nick Feamster. 2021. Alexa, Who Am I Speaking To?: Understanding Users’ Ability to Identify Third-Party Apps on Amazon Alexa. ACM Transactions on Internet Technology (TOIT) 22, 1 (2021), 1–22.
[31]
Alexandre Maros, Jussara M Almeida, and Marisa Vasconcelos. 2021. A Study of Misinformation in Audio Messages Shared in WhatsApp Groups. In Multidisciplinary International Symposium on Disinformation in Open Online Media. Springer, 85–100.
[32]
Maria D Molina, S Shyam Sundar, Thai Le, and Dongwon Lee. 2021. “Fake news” is not simply false information: a concept explication and taxonomy of online content. American behavioral scientist 65, 2 (2021), 180–212.
[33]
Peng Qi, Yuhao Zhang, Yuhui Zhang, Jason Bolton, and Christopher D Manning. 2020. Stanza: A Python natural language processing toolkit for many human languages. arXiv preprint arXiv:2003.07082 (2020).
[34]
William Seymour, Mark Coté, and Jose Such. 2023. Legal Obligation and Ethical Best Practice: Towards Meaningful Verbal Consent for Voice Assistants. In 2023 CHI Conference on Human Factors in Computing Systems. ACM, 285.
[35]
William Seymour and Jose Such. 2023. Ignorance is Bliss? The Effect of Explanations on Perceptions of Voice Assistants. Proceedings of the ACM on Human-Computer Interaction 7, CSCW1 (2023), 1–24.
[36]
William Seymour and Max Van Kleek. 2021. Exploring Interactions Between Trust, Anthropomorphism, and Relationship Development in Voice Assistants. Proceedings of the ACM on Human-Computer Interaction 5, CSCW2 (2021), 1–16.
[37]
Filipo Sharevski, Peter Jachim, Paige Treebridge, Audrey Li, Adam Babin, and Christopher Adadevoh. 2021. Meet Malexa, Alexa’s malicious twin: Malware-induced misperception through intelligent voice assistants. International Journal of Human-Computer Studies 149 (2021), 102604.
[38]
Filipo Sharevski, Anna Slowinski, Peter Jachim, and Emma Pieroni. 2021. " Hey Alexa, What do You Know About the COVID-19 Vaccine?"–(Mis) perceptions of Mass Immunization Among Voice Assistant Users. arXiv preprint arXiv:2105.07854 (2021).
[39]
Dan Su, Jiqiang Liu, Sencun Zhu, Xiaoyang Wang, and Wei Wang. 2020. " Are you home alone?"" Yes" Disclosing Security and Privacy Vulnerabilities in Alexa Skills. arXiv e-prints (2020), arXiv–2010.
[40]
Edson C Tandoc Jr, Zheng Wei Lim, and Richard Ling. 2018. Defining “fake news” A typology of scholarly definitions. Digital journalism 6, 2 (2018), 137–153.
[41]
Kurt Thomas, Devdatta Akhawe, Michael Bailey, Dan Boneh, Elie Bursztein, Sunny Consolvo, Nicola Dell, Zakir Durumeric, Patrick Gage Kelley, Deepak Kumar, 2021. Sok: Hate, harassment, and the changing landscape of online abuse. (2021).
[42]
Stefanie Ullmann and Marcus Tomalin. 2020. Quarantining online hate speech: technical and ethical perspectives. Ethics and Information Technology 22, 1 (2020), 69–80.
[43]
Dawei Wang, Kai Chen, and Wei Wang. 2021. Demystifying the Vetting Process of Voice-controlled Skills on Markets. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 5, 3 (2021), 1–28.
[44]
Liang Wu, Fred Morstatter, Kathleen M Carley, and Huan Liu. 2019. Misinformation in social media: definition, manipulation, and detection. ACM SIGKDD Explorations Newsletter 21, 2 (2019), 80–90.
Index Terms
- Misinformation in Third-party Voice Applications
Recommendations
Detecting repackaged smartphone applications in third-party android marketplaces
CODASPY '12: Proceedings of the second ACM conference on Data and Application Security and PrivacyRecent years have witnessed incredible popularity and adoption of smartphones and mobile devices, which is accompanied by large amount and wide variety of feature-rich smartphone applications. These smartphone applications (or apps), typically organized ...
Leakage of Sensitive Information to Third-Party Voice Applications
CUI '22: Proceedings of the 4th Conference on Conversational User InterfacesIn this paper we investigate the issue of sensitive information leakage to third-party voice applications in voice assistant ecosystems. We focus specifically on leakage of sensitive information via the conversational interface. We use a bespoke testing ...
Launching generic attacks on iOS with approved third-party applications
ACNS'13: Proceedings of the 11th international conference on Applied Cryptography and Network SecurityiOS is Apple's mobile operating system, which is used on iPhone, iPad and iPod touch. Any third-party applications developed for iOS devices are required to go through Apple's application vetting process and appear on the official iTunes App Store upon ...
Comments
Information & Contributors
Information
Published In
July 2023
504 pages
ISBN:9798400700149
DOI:10.1145/3571884
Copyright © 2023 Owner/Author.
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 19 July 2023
Check for updates
Author Tags
Qualifiers
- Work in progress
- Research
- Refereed limited
Funding Sources
- EPSRC
- COMET project TED2021-132900A-I00
Conference
CUI '23
Sponsor:
Acceptance Rates
Overall Acceptance Rate 34 of 100 submissions, 34%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 81Total Downloads
- Downloads (Last 12 months)60
- Downloads (Last 6 weeks)4
Reflects downloads up to 09 Nov 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format