[17] duo.com, “DUO,” https://duo.com/product/trusted-users/
two-factor-authentication/authentication-methods, 2019, accessed:
2019-09-07.
[18] V. Giurgiutiu, “Lamb wave generation with piezoelectric wafer active
sensors for structural health monitoring,” in Smart Structures and
Materials 2003: Smart Structures and Integrated Systems, vol. 5056,
2003, pp. 111–123.
[19] Y. Gong and C. Poellabauer, “Crafting adversarial examples for speech
paralinguistics applications,” arXiv preprint arXiv:1711.03280, 2017.
[20] ——, “An overview of vulnerabilities of voice controlled systems,”
arXiv preprint arXiv:1803.09156, 2018.
[21] Google, “Allow lock screen personal results on your android phone,”
https://support.google.com/assistant/answer/9134021, 2019, accessed:
2019-09-04.
[22] R. Gorgin, Z. Wu, D. Gao, and Y. Wang, “Damage size characterization
algorithm for active structural health monitoring using the a0 mode of
lamb waves,” Smart Materials and Structures, vol. 23, no. 3, p. 035015,
2014.
[23] K. F. Graff, Wave motion in elastic solids. Courier Corporation, 2012.
[24] T. Hayashi, W.-J. Song, and J. L. Rose, “Guided wave dispersion curves
for a bar with an arbitrary cross-section, a rod and rail example,”
Ultrasonics, vol. 41, no. 3, pp. 175–183, 2003.
[25] intellias, “The rise of voice payment technology in bankingh,” https://
www.intellias.com/the-rise-of-voice-payment-technology-in-banking/,
2019, accessed: 2019-09-07.
[26] Y. Jang, C. Song, S. P. Chung, T. Wang, and W. Lee, “Ally attacks:
Exploiting accessibility in operating systems,” in Proceedings of the
2014 ACM SIGSAC Conference on Computer and Communications
Security, 2014, pp. 103–115.
[27] P. Jayaram, H. Ranganatha, and H. Anupama, “Information hiding
using audio steganography–a survey,” The International Journal of
Multimedia & Its Applications (IJMA) Vol, vol. 3, pp. 86–96, 2011.
[28] C. Kasmi and J. L. Esteves, “Iemi threats for information security: Re-
mote command injection on modern smartphones,” IEEE Transactions
on Electromagnetic Compatibility, vol. 57, no. 6, pp. 1752–1755, 2015.
[29] X. Lei, G.-H. Tu, A. X. Liu, C.-Y. Li, and T. Xie, “The insecurity
of home digital voice assistants-amazon alexa as a case study,” arXiv
preprint arXiv:1712.03327, 2017.
[30] J. Liu, Y. Chen, M. Gruteser, and Y. Wang, “Vibsense: Sensing touches
on ubiquitous surfaces through vibration,” in 2017 14th Annual IEEE
International Conference on Sensing, Communication, and Networking
(SECON), 2017, pp. 1–9.
[31] J. Liu, C. Wang, Y. Chen, and N. Saxena, “Vibwrite: Towards finger-
input authentication on ubiquitous surfaces via physical vibration,” in
Proceedings of the 2017 ACM SIGSAC Conference on Computer and
Communications Security, 2017, pp. 73–87.
[32] K. Liu, S. Ma, Z. Wu, Y. Zheng, X. Qu, Y. Wang, and W. Wu, “A novel
probability-based diagnostic imaging with weight compensation for
damage localization using guided waves,” Structural Health Monitoring,
vol. 15, no. 2, pp. 162–173, 2016.
[33] Lyrebird, “Ultra-realistic voice cloning and text-to-speech,” https://
lyrebird.ai/, 2019, accessed: 2019-09-07.
[34] mcmaster, “Mcmaster-carr,” https://www.mcmaster.com/, 2020, ac-
cessed: 2020-01-10.
[35] M. Mitra and S. Gopalakrishnan, “Guided wave based structural health
monitoring: A review,” Smart Materials and Structures, vol. 25, no. 5,
p. 053001, 2016.
[36] G. Petracca, Y. Sun, T. Jaeger, and A. Atamli, “Audroid: Preventing
attacks on audio channels in mobile devices,” in Proceedings of the 31st
Annual Computer Security Applications Conference, 2015, pp. 181–190.
[37] T. L. Project, “Lineageos android distribution,” https://https://lineageos.
org/, 2020, accessed: 2020-01-03.
[38] N. L. Psesce, “Here’s why you’re getting so many
spam phone calls,” https://www.marketwatch.com/story/
heres-why-youre-getting-so-many-spam-phone-calls-2018-10-12,
2017, accessed: 2019-09-07.
[39] J. L. Rose, Ultrasonic waves in solid media. Cambridge university
press, 2004.
[40] N. Roy and R. R. Choudhury, “Ripple II: Faster communication through
physical vibration,” in 13th USENIX Symposium on Networked Systems
Design and Implementation (NSDI 16), 2016, pp. 671–684.
[41] N. Roy, H. Hassanieh, and R. Roy Choudhury, “Backdoor: Making
microphones hear inaudible sounds,” in Proceedings of the 15th An-
nual International Conference on Mobile Systems, Applications, and
Services, 2017, pp. 2–14.
[42] N. Roy, S. Shen, H. Hassanieh, and R. R. Choudhury, “Inaudible
voice commands: The long-range attack and defense,” in 15th USENIX
Symposium on Networked Systems Design and Implementation (NSDI
18), 2018, pp. 547–560.
[43] L. Sch
¨
onherr, K. Kohls, S. Zeiler, T. Holz, and D. Kolossa, “Adversarial
attacks against automatic speech recognition systems via psychoacoustic
hiding,” in Network and Distributed Systems Security (NDSS) Sympo-
sium, 2019.
[44] L. Song and P. Mittal, “Inaudible voice commands,” arXiv preprint
arXiv:1708.07238, 2017.
[45] STEMINC, “Piezo disc 92 khz r 22x0.25mm wire lead,” https://www.
steminc.com/PZT/en/piezo-disc-7-mhz-r-22x025mm-wire-lead, 2019,
accessed: 2019-09-07.
[46] Z. Su and L. Ye, Identification of damage using Lamb waves: from
fundamentals to applications. Springer Science & Business Media,
2009, vol. 48.
[47] T. Trippel, O. Weisse, W. Xu, P. Honeyman, and K. Fu, “Walnut:
Waging doubt on the integrity of mems accelerometers with acoustic
injection attacks,” in 2017 IEEE European Symposium on Security and
Privacy (EuroS&P), 2017, pp. 3–18.
[48] T. Vaidya, Y. Zhang, M. Sherr, and C. Shields, “Cocaine noodles:
exploiting the gap between human and machine speech recognition,” in
9th USENIX Workshop on Offensive Technologies (WOOT 15), 2015.
[49] wiki, “Absolute threshold of hearing,” https://en.wikipedia.org/wiki/
Absolute\
threshold\ of\ hearing, 2020, accessed: 2020-01-17.
[50] P. Wilcox, M. Lowe, and P. Cawley, “Mode and transducer selection
for long range lamb wave inspection,” Journal of intelligent material
systems and structures, vol. 12, no. 8, pp. 553–565, 2001.
[51] X. Yuan, Y. Chen, Y. Zhao, Y. Long, X. Liu, K. Chen, S. Zhang,
H. Huang, X. Wang, and C. A. Gunter, “Commandersong: A systematic
approach for practical adversarial voice recognition,” in 27th USENIX
Security Symposium (USENIX Security 18), 2018, pp. 49–64.
[52] G. Zhang, C. Yan, X. Ji, T. Zhang, T. Zhang, and W. Xu, “Dolphi-
nattack: Inaudible voice commands,” in Proceedings of the 2017 ACM
SIGSAC Conference on Computer and Communications Security, 2017,
pp. 103–117.
[53] N. Zhang, X. Mi, X. Feng, X. Wang, Y. Tian, and F. Qian, “Dangerous
skills: Understanding and mitigating security risks of voice-controlled
third-party functions on virtual personal assistant systems,” in IEEE
Symposium on Security and Privacy (SP), 2019.
APPENDIX
A. Material Properties
The material properties of five different materials, including
Ceramic, Aluminum, Glass, MDF, HDPE, are listed in Table X.
TABLE X: Material properties and acoustic impedances of
different materials.
Materials
Young’s module
(Gpa)
Poisson ratio
Density
(kg/m
3
)
Acoustic impedance
(MPa· s/m)
Ceramic 350 0.22 3,800 23.3
Aluminum 70 0.33 2,740 8.5
Glass 50 0.22 2,580 7.27
MDF 4 0.25 750 1.1
HDPE 0.6 0.46 930 0.437
18