I am a second year CS Ph.D. student in Networked System Lab (NSL) at University of Southern California advised by Prof. Ramesh Govindan.
Before joining USC, I obtained M.S. in Computer Science and Engineering at University of California, San Diego advised by Prof. Xinyu Zhang, and received B.E. in Software Engineering at Nanjing University.
My research interests lie in Mobile AR, IoT Security & Privacy and Vehicle-to-everything (V2X).
Graduate Research Assistant (July 2022 - Present)
Networked Systems Lab, University of Southern California, Los Angeles, USA.
Research Intern (May 2023 - Aug 2023)
General Motors Research and Development, Warren, USA.
Mentor: Chuan Li and Fan Bai
Teaching Assistant at UCSD
Course: DSE 201, Database Management System, Winter 2022 , Instructor: Prof. Alin Deutsch
Teaching Assistant at UCSD
Course: CSE 256, Statistical Natural Language Processing, Spring 2022 , Instructor: Prof. Ndapandula Nakashole
Voice User Interfaces (VUIs) are becoming an indispensable module that enables hands-free interaction between human users and smartphones. Unfortunately, recent research revealed a side channel that allows zero-permission motion sensors to eavesdrop on the VUI voices from the co-located smartphone loudspeaker. Nonetheless, these threats are limited to leaking a small set of digits and hot words. In this paper, we propose StealthyIMU, a new threat that uses motion sensors to steal permission-protected private information from the VUIs. We develop a set of efficient models to detect and extract private information, taking advantage of the deterministic structures in the VUI responses. Our experiments show that StealthyIMU can steal private information from 23 types of frequently-used voice commands to acquire contacts, search history, calendar, home address, and even GPS trace with high accuracy. We further propose effective mechanisms to defend against StealthyIMU without noticeably impacting the user experience.
