Smart Home Personal Assistants: A Security and Privacy Review

Research output: Contribution to journalArticlepeer-review

76 Citations (Scopus)
197 Downloads (Pure)


Smart Home Personal Assistants (SPA) are an emerging innovation that is changing the means by which home users interact with technology. However, several elements expose these systems to various risks: i) the open nature of the voice channel they use, ii) the complexity of their architecture, iii) the AI features they rely on, and iv) their use of a wide range of underlying technologies. This paper presents an in-depth review of SPA’s security and privacy issues, categorizing the most important attack vectors and their countermeasures. Based on this, we discuss open research challenges that can help steer the community to tackle and address current security and privacy issues in SPA. One of our key findings is that even though the attack surface of SPA is conspicuously broad and there has been a significant amount of recent research efforts in this area, research has so far focused on a small part of the attack surface, particularly on issues related to the interaction between the user and the SPA devices. To the best of our knowledge, this is the first article to conduct such a comprehensive review and characterization of the security and privacy issues and countermeasures of SPA.
Original languageEnglish
Article number116
Number of pages35
JournalACM Computing Surveys
Issue number6
Publication statusAccepted/In press - 8 Dec 2020


  • Smart Home Personal Assistants
  • Security and Privacy
  • Voice Assistants
  • Smart Home
  • Amazon Echo/Alexa
  • Google Home/Assistant
  • Apple Home Pod/Siri
  • Microsoft Home Speaker/Cortana
  • human-centered computing
  • Security and privacy
  • Security requirements
  • Social aspects of security and privacy
  • Natural language interfaces


Dive into the research topics of 'Smart Home Personal Assistants: A Security and Privacy Review'. Together they form a unique fingerprint.

Cite this