Penetration Testing of the Amazon Echo Digital Voice Assistant Using a Denial-of-Service Attack
Document Type
Conference Proceeding
Publication Date
3-5-2020
Publication Title
IEEE SoutheastCon 2019 Conference Proceeding
DOI
10.1109/SoutheastCon42311.2019.9020329
ISBN
978-1-7281-0137-8
ISSN
1558-058X
Abstract
With so much time spent on innovating Internet of Things (IoT) devices, it is believed that not enough time is spent on developing security standards of these devices. Many consumers are especially concerned about the security and privacy of IoT devices. The purpose of this paper is to test an Amazon Echo's vulnerability against a Denial-of-Service (DoS) attack. Using a test wireless network, and assuming that a cyber-criminal already has access to your home network, we monitored the network traffic of the Amazon Echo while it is under a DoS attack. We then used one instance of Kali Linux to perform the attacks on the device, while another instance of Kali was used to monitor the network during the attack. The attackable to cause the device to crash and disconnect from the network. We were also able to analyze the network traffic using Wireshark and show where the network packets were dropping during the attack. We found that initiating a Denial-of-Service attack on an Amazon Echo device could be a fairly easy task. In this paper, we pointed out that if an attacker has the knowledge and ability to gain access to a home network, it can be quite easy to obtain information about the connected devices, using free and relatively simple penetration tools within Kali Linux. Also, proceed to render attacked devices useless by knocking them off the home network.
Recommended Citation
Overstreet, Johnathan Dain, Hayden Wimmer, Rami Haddad.
2020.
"Penetration Testing of the Amazon Echo Digital Voice Assistant Using a Denial-of-Service Attack."
IEEE SoutheastCon 2019 Conference Proceeding: IEEE Xplore.
doi: 10.1109/SoutheastCon42311.2019.9020329 source: 10.1109/SoutheastCon42311.2019.9020329 isbn: 978-1-7281-0137-8
https://digitalcommons.georgiasouthern.edu/information-tech-facpubs/107
Copyright
© Copyright 2020 IEEE - All rights reserved.