Skip to main content
Skip to main content

Shouhuai Xu, the Gallogly Endowed Engineering Chair in Cybersecurity and Professor in computer science, and Guenevere Chen, an associate professor in the UTSA Department of Electrical and Computer Engineering, recently published a paper on USENIX Security 2023 that demonstrates a novel inaudible voice trojan attack to exploit vulnerabilities of smart device microphones and voice assistants — like Siri, Google Assistant, Alexa or Amazon’s Echo and Microsoft Cortana — and provide defense mechanisms for users.

The researchers developed Near-Ultrasound Inaudible Trojan, or NUIT (French for “nighttime”) to study how hackers exploit speakers and attack voice assistants remotely and silently through the internet.

Chen, her doctoral student Qi Xia, and Xu used NUIT to attack different types of smart devices from smart phones to smart home devices. The results of their demonstrations show that NUIT is effective in maliciously controlling the voice interfaces of popular tech products and that those tech products, despite being on the market, have vulnerabilities.

“The technically interesting thing about this project is that the defense solution is simple; however, in order to get the solution, we must discover what the attack is first,” said Xu.

The most popular approach that hackers use to access devices is social engineering, Chen explained. Attackers lure individuals to install malicious apps, visit malicious websites or listen to malicious audio.

For example, an individual’s smart device becomes vulnerable once they watch a malicious YouTube video embedded with NUIT audio or video attacks, either on a laptop or mobile device. Signals can discreetly attack the microphone on the same device or infiltrate the microphone via speakers from other devices such as laptops, vehicle audio systems, and smart home devices.

“If you play YouTube on your smart TV, that smart TV has a speaker, right? The sound of NUIT malicious commands will become inaudible, and it can attack your cell phone too and communicate with your Google Assistant or Alexa devices. It can even happen in Zooms during meetings. If someone unmutes themselves, they can embed the attack signal to hack your phone that’s placed next to your computer during the meeting,” Chen explained.

Once they have unauthorized access to a device, hackers can send inaudible action commands to reduce a device’s volume and prevent a voice assistant’s response from being heard by the user before proceeding with further attacks. The speaker must be above a certain noise level to successfully allow an attack, Chen noted, while to wage a successful attack against voice assistant devices, the length of malicious commands must be below 77 milliseconds (or 0.77 seconds).

“This is not only a software issue or malware. It’s a hardware attack that uses the internet. The vulnerability is the nonlinearity of the microphone design, which the manufacturer would need to address,” Chen said. “Out of the 17 smart devices we tested, Apple Siri devices need to steal the user’s voice while other voice assistant devices can get activated by using any voice or a robot voice.”

NUIT can silence Siri’s response to achieve an unnoticeable attack as the iPhone’s volume of the response and the volume of the media are separately controlled. With these vulnerabilities identified, Chen and team are offering potential lines of defense for consumers. Awareness is the best defense, the UTSA researcher says. Chen recommends users authenticate their voice assistants and exercise caution when they are clicking links and grant microphone permissions.

She also advises the use of earphones in lieu of speakers.

“If you don’t use the speaker to broadcast sound, you’re less likely to get attacked by NUIT. Using earphones sets a limitation where the sound from earphones is too low to transmit to the microphone. If the microphone cannot receive the inaudible malicious command, the underlying voice assistant can’t be maliciously activated by NUIT,” Chen explained.

Research toward the development of NUIT was partially funded by a grant from the Department of Energy National Nuclear Security Administration’s (NNSA) Minority Serving Institutions Partnership Program (MSIPP). The $5 million grant supports research by the Consortium On National Critical Infrastructure Security (CONCISE) and allows the creation of certification related to leveraging Artificial Intelligence (AI) and block-chain technology to enhance critical infrastructure cybersecurity posture.

UCCS has a uniquely integrated campus cybersecurity model and is considered the center of cybersecurity education for the University of Colorado system. The university is primed to meet the cybersecurity needs of our nation, from education and research partnerships to developing the cybersecurity workforce of the future.

UTSA is a nationally recognized leader in cybersecurity. It is one of few colleges or universities in the nation – and the only Hispanic Serving Institution – to have three National Centers of Academic Excellence designations from the U.S. Department of Homeland Security and National Security Agency.

Why not forge a new path?

UCCS first-generation student and former track athlete Kayla Waterman-Vandiver has her sights set on a PhD and a career in academia.

Why not forge a new path?

UCCS first-generation student and former track athlete Kayla Waterman-Vandiver has her sights set on a PhD and a career in academia.

Kayla Waterman-Vandiver remembers the day in college when her dream career changed.

Waterman-Vandiver had planned to be a medical doctor from a young age and, with this in mind, was studying biology at the University of Colorado Colorado Springs (UCCS).

However, she began to consider a research career after a class in skeletal muscle physiology where Prof. Robert Jacobs opened her eyes to new possibilities. Waterman-Vandiver says her “aha” moment came when she received particularly affirming feedback on an assignment.

“Professor Jacobs told me he could see me flourishing as a scientist,” Waterman-Vandiver says. “That really was a pivotal moment for me because he was telling me I was on the right path.”

Jacobs' confidence in Waterman-Vandiver's academic abilities factored heavily in her decision to pursue postgraduate study in the biosciences rather than applying for medical school. Her new dream is to obtain a PhD and research type 2 diabetes, women’s health or sports medicine with a focus on female athletes.

People ask me why I want to stay in school, but I say, ‘Why not stay in school?’ Why not enjoy yourself along the way and learn as much as you can so you can make a bigger impact when you graduate?
– Kayla Waterman-Vandiver

“I know that six additional years seems like a really long time and people ask me why I want to stay in school,” she says. “But I say, ‘Why not stay in school?’ Why not enjoy yourself along the way and learn as much as you can so you can make a bigger impact when you graduate?”


Helping Students Reach Their Full Potential

Scholarships have made it possible for Waterman-Vandiver to stay in school and reach her goal of earning an advanced degree, a path no one else in her family has taken.

“I push myself because my mom in particular always felt like she had the potential to do more,” says Waterman-Vandiver, the youngest of six siblings.

Kayla Waterman-Vandiver with her parents Jason and Katrina at her high school graduation. 
As an undergraduate, she qualified for the Bruce and Anne Shepard Reach Your Peak Scholarship which covered most of her tuition costs.

“The scholarship was really helpful during my undergraduate years,” Waterman-Vandiver says. “It was my largest scholarship and it let me walk away with much less college debt.”

Other scholarships, such as the UCCS Chancellor’s Award and the UCCS Graduate Research Fellowship, also helped cover the cost of her undergraduate and graduate education.


Finding Motivation Through Athletics

Waterman-Vandiver flourished at UCCS both as a student and a track-and-field athlete. In 2019, 2020 and 2021, the team won the Rocky Mountain Athletic Conference Championships. Because of her outstanding performance, after her first year, Waterman-Vandiver was awarded an athletic scholarship.

“I really love track because it shows you a different side of discipline and determination than schooling and academics,” Waterman-Vandiver says.

kate

 

Kayla Waterman-Vandiver on the track at the Mountain Lion Fieldhouse.

 

Waterman-Vandiver and her teammates found their home at the Mountain Lion Fieldhouse. Made possible in part by donor support, the facility became a home base for the UCCS track-and-field team.

“It was awesome to be able to be done with our running workouts and go straight to the weight room,” Waterman-Vandiver recalls. “Having that one facility for all of us made us feel like more of a team.”


Exploring a Passion for Research

Being part of an athletics team also piqued Waterman-Vandiver’s interest in women’s health, which is now a focus of her research.

After graduating magna cum laude with her bachelor’s degree, Waterman-Vandiver hit the ground running as a graduate student. With Jacobs as her thesis advisor, she is working on two research projects, one which focuses on mitochondrial function in aging and type 2 diabetes and the other relates to treating hot flashes in menopausal women.

kate doing research

“I realized last year that there are very few women studied in scientific research,” she says. “So, I want to contribute to our understanding of women’s health by doing more research with female participants.”

Jacobs attributes Waterman-Vandiver’s growth and success at UCCS to her work ethic.  

“Her tremendous academic efforts at UCCS have allowed her the opportunity to pursue a doctoral degree in one of the nation’s preeminent laboratories studying human bioenergetics,” Jacobs says. “I am sincerely excited to see what Kayla’s future brings.”

CU Colorado Springs
“We thought about the toilets,” she recalls. A lot.

 

That’s what Mae Rohrbach learned in the UCCS dorms in the fall of 2013.

“We had to flush it multiple times until we got it fixed. I thought: There is so much water being wasted,” says Mae, now a senior studying geography and environmental studies.

Most students would fix it and forget it. But Mae and a couple classmates from her “Sustainable Me” environmental studies course knew this problem deserved a longer look.

“We thought about the toilets,” she recalls. A lot.

Specifically that about 200 of them used 3.5 gallons per flush. Efficient toilets use just 1.8 gallons, reducing costs and water usage. So Mae and her classmates worked with campus officials and sought funding to install more efficient toilets. By May, she and volunteers replaced the old commodes and smashed them into recycled materials for campus pavement.

“It’s come full circle,” Mae says of the Toilet Retrofit Project, which has saved UCCS about $15,000 in water costs.

She enrolled at UCCS partially because of its commitment to sustainability (the campus’ beauty didn’t hurt either: ”I love the views,” she says). During her campus tour, she happily spotted the university’s recycling and composting efforts, and she wanted to get involved. Mae spoke to campus sustainability leaders about volunteering and has spearheaded two major sustainability projects as a student at UCCS— the Toilet Retrofit Project and the installation of a dining hall vending machine called OZZI that lowers meal costs for students who choose reusable food containers. Mae wants to tackle one more project before graduating and heading to the Peace Corps: bringing non-potable recycled “grey” water to campus to save resources.

Mae knows this means major logistical hurdles, but she has put real-world skills—how to plan, coordinate with leaders and build a case for her ideas—into action. UCCS has taught her to view problems as opportunities to help: “This is something that could be changed for the better. What can I do about it?”

“Service is a core part of who I am,” she says. “My perspectives may change, but service will not. That will always be a part of me. You only have so much time on this planet, and what I want to do with that time is serve others.”

CU Colorado Springs
At UCCS, ‘unstoppable’ women scholars shed obstacles, commit to success

Tiffany Sinclair’s journey took some unexpected turns.

She endured the sudden death of her husband from toxic shock syndrome, the diagnosis of her 11-year-old daughter with brain cancer, then the death of her mother from liver cancer.

So when Tiffany was notified several years back that the University of Colorado Colorado Springs had accepted her as a Karen Possehl Women’s Endowment (KPWE) scholar, she remembered being shocked.

“I thought, ‘Wow. Somebody heard my story,’” she said. “It was really the inspiration for me to keep going.”

Which she did, all the way to the master’s in counseling and human services she earned in 2015.

Each year at UCCS’ KPWE Unstoppable Women’s Luncheon, more than 400 people gather to hear stories like Tiffany’s, shed tears of joy and share looks of amazement.

Then, they make gifts to support more UCCS scholars who have overcome formidable personal obstacles to their college education.

Just a few of the challenges KPWE scholars have overcome include spousal abuse, substance addiction and family health crises.

Such challenges are extreme even compared with other nontraditional UCCS students—and nationally, only about one in three “typical” nontraditional students graduate. But with the program’s tuition support (more than $350,000 in 20 years), personal mentorship, and childcare support, KPWE scholars have a 93 percent graduation rate.

The Unstoppable Women’s Luncheon is annually a red-letter date not only for UCCS, but also for Colorado Springs civic and community leaders who often double as KPWE mentors. One such leader is local arts luminary Mary Mashburn.

“Every year, I wear the same jacket to this event, and I contribute what I don’t spend on a new jacket for this event as a donation to KPWE,” Mary told the crowd in 2015, her ninth year at the luncheon.

CU Colorado Springs
Before there was the state of Colorado, there was the University of Colorado.

Before there was CU, a courageous and tenacious few were so profoundly committed to the transformative power of an education.

The idea of a public university in the young Colorado territory was considered a valuable and worthwhile pursuit as early as 1861. But political disputes, economic distress and local jealousies stalled the idea from becoming a reality for years. Some folks clamored that Colorado didn’t have any use for an academic institution.

But some early settlers never gave up.

First, there was the gift of land. Three Boulder families—Marinus and Annie Smith, George and Mary Andrews, and Anthony and Mary Arnett—collectively donated 51 acres of land on the heights south of Boulder Creek, which was formally accepted in January 1872 by the legislature as the permanent location of the future university.

Funds were still needed for a university building. Bitter rivalries among Colorado’s lawmakers, who wanted their communities selected instead as the home for a public university, continued to embroil the idea for another two years. Then, in January 1874, the Colorado Territorial Legislature agreed to provide $15,000, a sizeable sum in those days, toward a university on the condition Boulder citizens contribute an equal amount.

David Nichols, the territory’s speaker of the house and a Boulder resident, realized he needed to immediately raise the necessary funds, lest his town lose the opportunity.

Legend has it, Nichols said: “If $15,000 is what they want, we’ll get it.”  

Like Paul Revere, he rode by horseback that cold and rainy January night for five hours the 30 miles between Denver to Boulder to knock on the doors of ordinary citizens to see if they could—if they would—donate the money.

The fate of CU hung in the balance.

By the time a weary Nichols was back at his legislative seat in Denver the next morning, Boulder residents—104 parties, to be exact—had pledged the funds needed to secure the University of Colorado, and the appropriation bill passed.

Collectively, the citizens of Boulder committed a total of $16,806.66—more than enough to give the fledgling university a permanent home. Pledges ranged from $15 to $1,000. More than half the donors contributed fewer than $100. Finally, after long years of struggle, the University of Colorado was more than an idea—it had sufficient funds to begin the construction of the first university building.

On Sept. 20, 1875, the cornerstone for Old Main was laid. By the following spring, CU officially opened its doors, five months before the Centennial State joined the union in 1876.

After 15 years of effort, and though these early philanthropic contributions placed a true hardship on Boulder’s frontier families, their commitment to education remains an enduring testament to what CU stands for to this day.

It is a legacy upon which we continue to build and honor.

CU Anschutz
CU Boulder
CU Colorado Springs
CU Denver
Subscribe to CU Colorado Springs