NUIT Attack

Near-Ultrasound Inaudible Trojan (NUIT): Exploit Your Speaker to Attack Your Microphone

NUIT-1

NUIT-1

NUIT-2

NUIT-2

What is NUIT?

NUIT is a novel inaudible attack against voice assistants (Siri, Google Assistant, Alexa, Cortana) that can be waged remotely through internet. Nuit appears as a sound clip in near-ultrasound frequency range (16kHz-20kHz), thus can be played on the victim's COTS speaker to attack the voice assistant (i) on the same device (NUIT-1)；(ii) on victim's other devices (NUIT-2).

Note that Nuit2 is between two phones (Device 1: performs as the attacking device or the speaker. Device 2 is the victim device, which voice assistants are the NUIT2 attacks’ target)

appears in USENIX Security Symposium 2023

To cite

@inproceedings {287266,

title = {{Near-Ultrasound} Inaudible Trojan (Nuit): Exploiting Your Speaker to Attack Your Microphone},

booktitle = {32nd USENIX Security Symposium (USENIX Security 23)},

year = {2023},

address = {Anaheim, CA},

url = {https://www.usenix.org/node/287267},

publisher = {USENIX Association},

month = aug,

}

Other NUIT 1 Demos(Exploiting Your Speaker to Attack Your Microphone on the Same Device) :

NUIT-1 Silent Response End-to-End Attack:

https://youtu.be/TUnPFR35AR4

Embedded into a file with no background music:

iPhone XR YouTube "What time is it": https://youtu.be/7pW7KPE0o7s
iPhone XR audio play "What time is it": https://youtu.be/VaVGDX8i3wk
iPhone XR "Call 12345": https://youtu.be/HhlXXaGIjk8
iPhone XR "Turn down the volume": https://youtu.be/xItQAW6Qlow
iPhone XR "Tell me a joke": https://youtu.be/7LGQojWHRRE
iPhone XR "What's the weather": https://youtu.be/ZjzwWdlBQRQ
iPhone XR "Read my message": https://youtu.be/S_cfqmKQTpM
iPhone X audio play: https://youtu.be/OUawcaQc7RQ
Samsung Galaxy Youtube "Hey Google": https://youtu.be/Oyp3vkwPK2k
Samsung galaxy audio play "Hey Google": https://youtu.be/QcUEWpnm-E0
Samsung Galaxy "What time is it": https://youtu.be/N0CaJN2jXF8
Amazon Echo "What's the weather": https://youtu.be/v0Tmt5i2WWU
Cortana: https://youtu.be/_lOTjkZbC2w

Embedded into a file with background music:

iPhone XR audio play "What time is it": https://youtu.be/j6uVpo5VQkA
iPhone XR "Call 12345": https://youtu.be/qq1n0YMinWQ
iPhone XR "Turn down the volume": https://youtu.be/HQ2EjS1e5jA
iPhone XR "Tell me a joke": https://youtu.be/xsKYYtPnugo
iPhone XR "What's the weather": https://youtu.be/a94hfkthovk
iPhone XR "Read my message": https://youtu.be/D_w32GZ51eA
iPhone X audio play: https://youtu.be/OUawcaQc7RQ
Samsung Galaxy "Turn down the volume": https://youtu.be/iRIr5tV6bAo

Real-time online chatting attack:

zoom meeting cortana: https://youtu.be/1oivS6aTnoU

Other NUIT 2 Demos(Exploiting Your Speaker on One Device to Attack Your Microphone on Another Device):

NUIT-2 Silent Response End-to-End Attack:

https://youtu.be/mFmS4vvL8ko

Between two phones:

Android Phone to iPhone: https://youtu.be/w-YCzlwKkZk
Android Phone to Android Phone:https://youtu.be/diJZ_c8F5X4
iPhone to Android Phone: https://youtu.be/SJKLE1crsXE
iPhone 13 mini to iPhone XR: https://youtu.be/9Y7VOQODU-0
iPhone XR to iPhone 13 mini: https://youtu.be/SzfECT9dcOc

Between a phone and another IoT device (laptop, google home, echo, desktop)

Android Phone to Google Home: https://youtu.be/luegUmdqty8
iPhone to Cortana: https://youtu.be/wF4P55G_pq8
iPhone to Echo dot (activation) : https://youtu.be/jtg5d6dcTsw
iPhone to Echo dot "what weather is it": https://youtu.be/73ZCYo3avsQ
Google Home to Android Phone: https://youtu.be/Wefp76782yI
TV to Android Phone: https://youtu.be/PLJUSfr_Ask
TV to Echo: https://youtu.be/70-Wxhp6fRk
TV to iPhone: https://youtu.be/gXVLcr37WEM
iMac to iPhone: https://youtu.be/MmS89YXDGxE
iMac to Android Phone: https://youtu.be/PaqS1u4LBso
Ford Fusion Audio to Android Phone: https://youtu.be/SeLdAjNaLR0
Ford Fusion Audio to iPhone: https://youtu.be/876MHVm_TQo

Between two IoT devices:

Echo to GoogleHome: https://youtu.be/ZtIm7OpyawM
Google Home to Echo: https://youtu.be/ZtIm7OpyawM
iMac to Echo: https://youtu.be/-z1esoLwRxY
iMac to Google Home: https://youtu.be/J7HdY1nN1_M
iMac to Cortana: https://youtu.be/FQRvRAe-hi8
TV to Echo: https://youtu.be/70-Wxhp6fRk

Real-time online chatting attack:

Zoom meeting real-time attack(iMac to phone): https://youtu.be/SZWJiuyN_rI
Zoom meeting real-time attack(Macbook to phone): https://youtu.be/pKO5MSykx_E

Embedded into a file with background music:

iMac to Android Phone: https://youtu.be/O38HfoEIeuU
iMac to Echo: https://youtu.be/CcwJqj8Qhgo
iMac to iPhone: https://youtu.be/Jv--MnzXVFc
Android Phone to iPhone: https://youtu.be/OgLS0ua0OgQ

Directionality Test

https://youtu.be/zb8NYfI58jk

iPhone 6 Plus vs. iPhone X,XR legit command test

https://youtu.be/ig1-YPlnGj8

Contact us for future collaboration at

iot.ece@utsa.edu

NUIT is discovered by researchers from University of Texas at San Antonio and University of Colorado Colorado Springs. We are:

Qi Xia （corresponding author)

Homepage: https://sites.google.com/view/qixia/home

Prof. Qian Chen

Homepage: https://ceid.utsa.edu/electrical-computer/team/qian-chen/

Prof. Shouhuai Xu

Homepage: https://eas.uccs.edu/cs/about/faculty/shouhuai-xu

Page updated

Google Sites

Report abuse