ZJU Researchers Win Best Paper Award for Tackling Phone Hacking


The 2017 edition of ACM Conference on Computer and Communications Security (CCS) was held from October 30 through November 3 in Dallas, Texas. A paper titled “Dolphin Attack: Inaudible Voice Commands” stood out among 11 nominated competitors and was selected as one of the five best papers.

The paper was authored by the research team led by XU Wenyuan and JI Xiaoyu with the Ubiquitous System Security Lab (USS Lab) in ZJU’s College of Electrical Engineering. This is the first time that a Chinese higher education institution has clinched the award, signaling a major breakthrough that Chinese researchers have achieved in the domain of computer and communications security.

Speech recognition systems such as Siri have become a popular human-computer interaction method, and have transformed various systems into voice controllable systems (VCS). Previous work on attacking VCS shows that the hidden voice commands that are incomprehensible to people can control the systems. ZJU researchers designed a completely inaudible attack, Dolphin Attack, that modulates voice commands on ultrasonic carriers to achieve inaudibility. In response, they proposed hardware and software defense solutions. They confirmed that it is feasible to detect Dolphin Attack by classifying the audios using supported vector machine (SVM), and suggested re-designing voice controllable systems to be resilient to inaudible voice command attacks.

The ACM Conference on Computer and Communications Security (CCS) is the flagship annual conference of the Special Interest Group on Security, Audit and Control (SIGSAC) of the Association for Computing Machinery (ACM). The conference brings together information security researchers, practitioners, developers, and users from all over the world to explore cutting-edge ideas and results. It provides an environment to conduct intellectual discussions.

The USS Lab is a platform interweaving electrical engineering, electronics and electrical grids. It is currently working on universal security areas including traditional security, attack/defense, and the security of Internet of things (IoT).