Secure Voice Input on Augmented Reality Headsets

Research output: Contribution to journalArticlepeer-review

1 Scopus citations


Voice-based input is usually used as the primary input method for augmented reality (AR) headsets due to immersive AR experience and good recognition performance. However, recent researches show that attackers can inject inaudible voice commands to the devices that lack voice verification. Even if we secure voice input with voice verification techniques, attackers can record the victim's voice and replay it. To defend against voice-spoofing attacks, AR headsets should be able to determine whether the voice is from the person who is using the AR headsets. Existing voice-spoofing defense systems are designed for smartphone platforms and usually fail to work due to the special locations of microphones and loudspeakers on AR headsets. To address this challenge, in this paper, we propose a voice-spoofing defense system for AR headsets by leveraging both the internal body propagation and the air propagation of human voices. Experimental results show that our system can successfully accept normal users with average accuracy of 97 percent and defend against two basic types of attacks with average accuracy of at least 98 percent. More importantly, even if the attackers can fool our line-fitting model by manipulating special voice signals, our MCD-SVDD model can still reject them with accuracy of 100 percent.

Original languageEnglish
Pages (from-to)1420-1433
Number of pages14
JournalIEEE Transactions on Mobile Computing
Issue number4
StatePublished - 1 Apr 2022


  • AR headsets
  • liveness detection
  • voice spoofing attack


Dive into the research topics of 'Secure Voice Input on Augmented Reality Headsets'. Together they form a unique fingerprint.

Cite this