The smart speaker provides users with useful functions such as music playback and online search with simple operation. However, since smart speakers always wait for the user's voice, if they are exposed to security threats, serious problems can occur such as eavesdropping and privacy disclosure. Therefore, in order to provide improved security for of all smart speakers, it is necessary to identify potential security threats and systematically investigate vulnerabilities. In this paper, we perform security threat modeling for four products with high market share. STRIDE threat modeling was used to make a checklist for systematic vulnerability checks and the checklist was used to check vulnerabilities of commercial devices. Here, we propose a new method to improve the security of smart speaker through the analysis of the vulnerability check result and the vulnerability of each product.
展开▼