CAREER: Ensuring Privacy, Inclusiveness, and Policy Compliance in the Era of Voice Personal Assistants
Clemson University, Clemson SC
Investigators
Abstract
Voice personal assistants such as Amazon Alexa and Google Assistant are rapidly gaining in both domestic and business popularity. Despite many convenient features they provide, concerns have been raised about the security and privacy, and content safety related risks to end users they also pose. During the interaction with voice assistants, users expect the voice assistants to fulfill their requests without compromising the privacy or being exposed to unsafe content, and without experiencing racial or gender disparities in terms of the automated speech recognition. The project’s novelties are new techniques and mechanisms to ensure privacy, inclusiveness, and policy compliance in voice assistant systems. The project's broader significance and importance include 1) increasing general awareness of cybersecurity in the K-12 community through various outreach and educational activities; 2) training the next generation of cybersecurity researchers; and 3) strengthening cybersecurity education by developing new course materials and hands-on labs. This project first develops a voice-based privacy notice mechanism to enable users (in particular, visually impaired users) to make informed privacy decisions through the voice channel. It creates a new paradigm for accessible and inclusive privacy notification. This project then proposes a machine learning-based dynamic analysis framework, which allows a systematic evaluation of policy compliance and social biases in voice assistant systems. It can be used by users to check for any privacy or content safety violations in voice applications, and can potentially aid government agencies to perform a large-scale investigation into the policy compliance practices of existing voice applications in the Amazon Alexa and Google Assistant platforms. Finally, this project develops static analysis techniques to assist developers in producing policy-compliant voice applications at the development phase. This project also integrates a comprehensive education and outreach plan with the proposed research to train the next generation of cybersecurity researchers in an interdisciplinary environment, and to attract more students from underrepresented groups into the cybersecurity field. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
View original record on NSF Award Search →