This talk made in March 03. 2022 has been given during the online conference Metaversus : The anti-hype conference on the metaberse (dimensionsxr.c...) organized by the Swiss Society of Virtual and Augmented Reality (SSVAR - ssvar.ch)
#Bio
Cong Shi is currently a Ph.D. candidate in the Wireless Information Network Lab (WINLAB), Rutgers University, under the supervision of Prof. Yingying (Jennifer) Chen.
His research interests include Cyber Security and Privacy, Security in Machine Learning/Artificial Intelligence, Mobile Sensing, Smart Healthcare and Internet of Things (IoT).
His research explores novel machine learning, sensing, signal processing techniques to classify and model research problems related to security and privacy, healthcare, human-computer interaction (HCI), and augmented reality (AR)/virtual reality (VR), with a strong emphasis on system implementation and validation in real-world scenarios.
During his Ph.D. study, he has published 23 journal and conference papers in premium conferences and peer-reviewed journals including ACM CCS, ACSAC, ACM MobiCom, ACM MobiSys, ACM MobiHoc, ACM SenSys, AAAI, ACM UbiComp, IEEE ICASSP, and IEEE TMC.
He is the recipient of two industry-sponsored fellowships by Cisco System and Siemens Corporate Research.
His research has been reported by various media outlets such as BBC News, Yahoo News, NBC New York, Science Daily, etc. For more information, please refer to: winlab.rutgers.....
#Abstract
To support many emerging AR/VR applications, the control logics of AR/VR headsets are shifting from manual finger-based inputs to voice commands via headset-dominated interactions. For example, Oculus Quest supports voice dictation for entering web addresses, controlling the headset, and exploring commercial products. The frequent emerging usage of voice interface in AR/VR scenarios could result in severe privacy leakage if malicious actors can listen onto this communication medium. We find that the built-in motion sensors (accelerometer and gyroscope) of the headset can capture subtle speech-associated facial vibrations when the wearer speaks. Based on the facial vibrations, we develop the first eavesdropping attack (Face-Mic) to infer speaker and speech information, including gender, identity, and speech content. Since accessing these motion sensors usually does not require any user permission, malicious actors may leverage these zero-permission sensors to capture sensitive information, leading to severe privacy leakage. We hope our findings can alert the public on such potential privacy leakage
Speaker's page
---
The director:
Mohamed Jean-Philippe Sangaré
Founder and CEO of SSVAR
/ msangare