Back to Search Start Over

SkillSim: voice apps similarity detection

Authors :
Zhixiu Guo
Ruigang Liang
Guozhu Meng
Kai Chen
Source :
Cybersecurity, Vol 6, Iss 1, Pp 1-17 (2023)
Publication Year :
2023
Publisher :
SpringerOpen, 2023.

Abstract

Abstract Virtual personal assistants (VPAs), such as Amazon Alexa and Google Assistant, are software agents designed to perform tasks or provide services to individuals in response to user commands. VPAs extend their functions through third-party voice apps, thereby attracting more users to use VPA-equipped products. Previous studies demonstrate vulnerabilities in the certification, installation, and usage of these third-party voice apps. However, these studies focus on individual apps. To the best of our knowledge, there is no prior research that explores the correlations among voice apps.Voice apps represent a new type of applications that interact with users mainly through a voice user interface instead of a graphical user interface, requiring a distinct approach to analysis. In this study, we present a novel voice app similarity analysis approach to analyze voice apps in the market from a new perspective. Our approach, called SkillSim, detects similarities among voice apps (i.e. skills) based on two dimensions: text similarity and structure similarity. SkillSim measures 30,000 voice apps in the Amazon skill market and reveals that more than 25.9% have at least one other skill with a text similarity greater than 70%. Our analysis identifies several factors that contribute to a high number of similar skills, including the assistant development platforms and their limited templates. Additionally, we observe interesting phenomena, such as developers or platforms creating multiple similar skills with different accounts for purposes such as advertising. Furthermore, we also find that some assistant development platforms develop multiple similar but non-compliant skills, such as requesting user privacy in a non-compliance way, which poses a security risk. Based on the similarity analysis results, we have a deeper understanding of voice apps in the mainstream market.

Details

Language :
English
ISSN :
25233246
Volume :
6
Issue :
1
Database :
Directory of Open Access Journals
Journal :
Cybersecurity
Publication Type :
Academic Journal
Accession number :
edsdoj.947a7c775def47468e78f325269fb3b6
Document Type :
article
Full Text :
https://doi.org/10.1186/s42400-023-00150-3