A Secure Lightweight Voice Authentication System (VAS) for IoT Environments

Abstract

The Internet of Things (IoT) provides everyday devices ways to identify and communicate with other devices and their users. The users can be human beings or other devices. The spectrum of IoT applications is very large and includes wearables such as body-area-network-devices and smartwatches. Other IoT application domains include smart homes, smart cities, e-health, etc. IoT devices have the capability for collecting information about surroundings, analyzing, and making decisions without user intervention. Therefore, security in IoT environments is a critical requirement. Particularly, authentication is of high interest given the potential damage that may result from unauthorized access to such devices. This dissertation proposes a biometric based authentication model that can be used in IoT devices. The survey of related work evaluated different biometrics used for authentication which were compared for their suitability in such an environment. In considering the resource-constrained nature of IoT devices, a voice biometrics is preferred compared to other biometrics, such as fingerprint, iris scan, keystrokes, among others that would need dedicated hardware devices in such ecosystems. In the second part of the dissertation, two separate deep learning approaches that extract and classify voice features were studied to detect and prevent voice replay spoofing attacks. These approaches are based on a convolutional neural network (CNN) and a deep neural network (DNN). The CNN approach was used as a feature extractor, while the DNN approach was used as a classifier. In addition, hybrid features that consist of Mel frequency Cepstral Coefficients (MFCC) and Constant Q Cepstral Coefficients (CQCC) features were used to train both approaches. Compared to other state-of-the-art voice authentication approaches, both the CNN and DNN approaches improved the state of detecting spoof replay attacks in speaker verification. Finally, enticed by the results of the two approaches, a voice-based authentication system that can be used in a network of IoT devices was developed. Afterwards, the system was validated in an experiment using virtualized IoT devices. The authentication system has shown improved relative accuracy by 15.8 percent.