1165 lines
40 KiB
HTML
1165 lines
40 KiB
HTML
<!DOCTYPE html>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<html class="theme-next muse use-motion" lang="zh-Hans">
|
||
<head><meta name="generator" content="Hexo 3.8.0">
|
||
<meta charset="UTF-8">
|
||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
|
||
<meta name="theme-color" content="#222">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<script src="/lib/pace/pace.min.js?v=1.0.2"></script>
|
||
<link href="/lib/pace/pace-theme-center-atom.min.css?v=1.0.2" rel="stylesheet">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<meta http-equiv="Cache-Control" content="no-transform">
|
||
<meta http-equiv="Cache-Control" content="no-siteapp">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<link href="/lib/fancybox/source/jquery.fancybox.css?v=2.1.5" rel="stylesheet" type="text/css">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<link href="/lib/font-awesome/css/font-awesome.min.css?v=4.6.2" rel="stylesheet" type="text/css">
|
||
|
||
<link href="/css/main.css?v=5.1.4" rel="stylesheet" type="text/css">
|
||
|
||
|
||
<link rel="apple-touch-icon" sizes="180x180" href="/images/hackerrank.png?v=5.1.4">
|
||
|
||
|
||
<link rel="icon" type="image/png" sizes="32x32" href="/images/hackerrank.png?v=5.1.4">
|
||
|
||
|
||
<link rel="icon" type="image/png" sizes="16x16" href="/images/hackerrank.png?v=5.1.4">
|
||
|
||
|
||
<link rel="mask-icon" href="/images/logo.svg?v=5.1.4" color="#222">
|
||
|
||
|
||
|
||
|
||
|
||
<meta name="keywords" content="硬件攻击,传感器,语音助手,">
|
||
|
||
|
||
|
||
|
||
|
||
<link rel="alternate" href="/atom.xml" title="混元霹雳手" type="application/atom+xml">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<meta name="description" content="眼前一亮的工作!海豚音攻击,试着复现看看(贫穷版)">
|
||
<meta name="keywords" content="硬件攻击,传感器,语音助手">
|
||
<meta property="og:type" content="article">
|
||
<meta property="og:title" content="Dolphin Attack 论文复现">
|
||
<meta property="og:url" content="https://cool-y.github.io/2021/01/08/dolphin-attack-practice/index.html">
|
||
<meta property="og:site_name" content="混元霹雳手">
|
||
<meta property="og:description" content="眼前一亮的工作!海豚音攻击,试着复现看看(贫穷版)">
|
||
<meta property="og:locale" content="zh-Hans">
|
||
<meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082052/Dolphin%20Attack/08_YW7UW_PS_TOE_LZZY.png">
|
||
<meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082052/Dolphin%20Attack/WGD_U453KYP3M3_2639_5I.png">
|
||
<meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082051/Dolphin%20Attack/K5447O57_S___A_O_Q3V.png">
|
||
<meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082052/Dolphin%20Attack/OPSXK_21_7R24_I_NIWM0_8.png">
|
||
<meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082051/Dolphin%20Attack/G8_K4_ZG__PE2CQ_5_UYY.png">
|
||
<meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082508/Dolphin%20Attack/Snipaste_2021-01-08_13-06-55.png">
|
||
<meta property="og:updated_time" content="2021-04-10T13:41:53.589Z">
|
||
<meta name="twitter:card" content="summary">
|
||
<meta name="twitter:title" content="Dolphin Attack 论文复现">
|
||
<meta name="twitter:description" content="眼前一亮的工作!海豚音攻击,试着复现看看(贫穷版)">
|
||
<meta name="twitter:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082052/Dolphin%20Attack/08_YW7UW_PS_TOE_LZZY.png">
|
||
|
||
|
||
|
||
<script type="text/javascript" id="hexo.configurations">
|
||
var NexT = window.NexT || {};
|
||
var CONFIG = {
|
||
root: '/',
|
||
scheme: 'Muse',
|
||
version: '5.1.4',
|
||
sidebar: {"position":"left","display":"always","offset":12,"b2t":false,"scrollpercent":true,"onmobile":true},
|
||
fancybox: true,
|
||
tabs: true,
|
||
motion: {"enable":true,"async":false,"transition":{"post_block":"fadeIn","post_header":"slideDownIn","post_body":"slideDownIn","coll_header":"slideLeftIn","sidebar":"slideUpIn"}},
|
||
duoshuo: {
|
||
userId: '0',
|
||
author: '博主'
|
||
},
|
||
algolia: {
|
||
applicationID: '',
|
||
apiKey: '',
|
||
indexName: '',
|
||
hits: {"per_page":10},
|
||
labels: {"input_placeholder":"Search for Posts","hits_empty":"We didn't find any results for the search: ${query}","hits_stats":"${hits} results found in ${time} ms"}
|
||
}
|
||
};
|
||
</script>
|
||
|
||
|
||
|
||
<link rel="canonical" href="https://cool-y.github.io/2021/01/08/dolphin-attack-practice/">
|
||
|
||
|
||
|
||
|
||
|
||
<title>Dolphin Attack 论文复现 | 混元霹雳手</title>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
</head>
|
||
|
||
<body itemscope itemtype="http://schema.org/WebPage" lang="zh-Hans">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<div class="container sidebar-position-left page-post-detail">
|
||
<div class="headband"></div>
|
||
|
||
<header id="header" class="header" itemscope itemtype="http://schema.org/WPHeader">
|
||
<div class="header-inner"><div class="site-brand-wrapper">
|
||
<div class="site-meta ">
|
||
|
||
|
||
<div class="custom-logo-site-title">
|
||
<a href="/" class="brand" rel="start">
|
||
<span class="logo-line-before"><i></i></span>
|
||
<span class="site-title">混元霹雳手</span>
|
||
<span class="logo-line-after"><i></i></span>
|
||
</a>
|
||
</div>
|
||
|
||
<p class="site-subtitle">Battle⚔️ 2 the world🌎</p>
|
||
|
||
</div>
|
||
|
||
<div class="site-nav-toggle">
|
||
<button>
|
||
<span class="btn-bar"></span>
|
||
<span class="btn-bar"></span>
|
||
<span class="btn-bar"></span>
|
||
</button>
|
||
</div>
|
||
</div>
|
||
|
||
<nav class="site-nav">
|
||
|
||
|
||
|
||
<ul id="menu" class="menu">
|
||
|
||
|
||
<li class="menu-item menu-item-home">
|
||
<a href="/" rel="section">
|
||
|
||
<i class="menu-item-icon fa fa-fw fa-home"></i> <br>
|
||
|
||
首页
|
||
</a>
|
||
</li>
|
||
|
||
|
||
<li class="menu-item menu-item-about">
|
||
<a href="/about/" rel="section">
|
||
|
||
<i class="menu-item-icon fa fa-fw fa-user"></i> <br>
|
||
|
||
关于
|
||
</a>
|
||
</li>
|
||
|
||
|
||
<li class="menu-item menu-item-tags">
|
||
<a href="/tags/" rel="section">
|
||
|
||
<i class="menu-item-icon fa fa-fw fa-tags"></i> <br>
|
||
|
||
标签
|
||
</a>
|
||
</li>
|
||
|
||
|
||
<li class="menu-item menu-item-categories">
|
||
<a href="/categories/" rel="section">
|
||
|
||
<i class="menu-item-icon fa fa-fw fa-th"></i> <br>
|
||
|
||
分类
|
||
</a>
|
||
</li>
|
||
|
||
|
||
<li class="menu-item menu-item-archives">
|
||
<a href="/archives/" rel="section">
|
||
|
||
<i class="menu-item-icon fa fa-fw fa-archive"></i> <br>
|
||
|
||
归档
|
||
</a>
|
||
</li>
|
||
|
||
|
||
<li class="menu-item menu-item-bookmarks">
|
||
<a href="/bookmarks/" rel="section">
|
||
|
||
<i class="menu-item-icon fa fa-fw fa-map"></i> <br>
|
||
|
||
书签
|
||
</a>
|
||
</li>
|
||
|
||
|
||
<li class="menu-item menu-item-album">
|
||
<a href="/album/" rel="section">
|
||
|
||
<i class="menu-item-icon fa fa-fw fa-heartbeat"></i> <br>
|
||
|
||
相簿
|
||
</a>
|
||
</li>
|
||
|
||
|
||
|
||
</ul>
|
||
|
||
|
||
|
||
</nav>
|
||
|
||
|
||
|
||
</div>
|
||
</header>
|
||
|
||
<main id="main" class="main">
|
||
<div class="main-inner">
|
||
<div class="content-wrap">
|
||
<div id="content" class="content">
|
||
|
||
|
||
<div id="posts" class="posts-expand">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
|
||
|
||
|
||
|
||
<div class="post-block">
|
||
<link itemprop="mainEntityOfPage" href="https://cool-y.github.io/2021/01/08/dolphin-attack-practice/">
|
||
|
||
<span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
|
||
<meta itemprop="name" content="Cool-Y">
|
||
<meta itemprop="description" content>
|
||
<meta itemprop="image" content="/images/avatar.png">
|
||
</span>
|
||
|
||
<span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
|
||
<meta itemprop="name" content="混元霹雳手">
|
||
</span>
|
||
|
||
|
||
<header class="post-header">
|
||
|
||
|
||
|
||
<h1 class="post-title" itemprop="name headline">Dolphin Attack 论文复现</h1>
|
||
|
||
|
||
<div class="post-meta">
|
||
<span class="post-time">
|
||
|
||
<span class="post-meta-item-icon">
|
||
<i class="fa fa-calendar-o"></i>
|
||
</span>
|
||
|
||
<span class="post-meta-item-text">发表于</span>
|
||
|
||
<time title="创建于" itemprop="dateCreated datePublished" datetime="2021-01-08T12:54:41+08:00">
|
||
2021-01-08
|
||
</time>
|
||
|
||
|
||
|
||
|
||
|
||
</span>
|
||
|
||
|
||
<span class="post-category">
|
||
|
||
<span class="post-meta-divider">|</span>
|
||
|
||
<span class="post-meta-item-icon">
|
||
<i class="fa fa-folder-o"></i>
|
||
</span>
|
||
|
||
<span class="post-meta-item-text">分类于</span>
|
||
|
||
|
||
<span itemprop="about" itemscope itemtype="http://schema.org/Thing">
|
||
<a href="/categories/顶会论文/" itemprop="url" rel="index">
|
||
<span itemprop="name">顶会论文</span>
|
||
</a>
|
||
</span>
|
||
|
||
|
||
|
||
|
||
</span>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<span id="/2021/01/08/dolphin-attack-practice/" class="leancloud_visitors" data-flag-title="Dolphin Attack 论文复现">
|
||
<span class="post-meta-divider">|</span>
|
||
<span class="post-meta-item-icon">
|
||
<i class="fa fa-eye"></i>
|
||
</span>
|
||
|
||
<span class="post-meta-item-text">阅读次数:</span>
|
||
|
||
<span class="leancloud-visitors-count"></span>
|
||
</span>
|
||
|
||
|
||
|
||
|
||
|
||
<div class="post-wordcount">
|
||
|
||
|
||
<span class="post-meta-item-icon">
|
||
<i class="fa fa-file-word-o"></i>
|
||
</span>
|
||
|
||
<span title="字数统计">
|
||
1.4k 字
|
||
</span>
|
||
|
||
|
||
|
||
<span class="post-meta-divider">|</span>
|
||
|
||
|
||
|
||
<span class="post-meta-item-icon">
|
||
<i class="fa fa-clock-o"></i>
|
||
</span>
|
||
|
||
<span title="阅读时长">
|
||
5 分钟
|
||
</span>
|
||
|
||
</div>
|
||
|
||
|
||
|
||
<div class="post-description">
|
||
眼前一亮的工作!海豚音攻击,试着复现看看(贫穷版)
|
||
</div>
|
||
|
||
|
||
</div>
|
||
</header>
|
||
|
||
|
||
|
||
|
||
|
||
<div class="post-body" itemprop="articleBody">
|
||
|
||
|
||
|
||
|
||
|
||
<h1 id="海豚音攻击-复现"><a href="#海豚音攻击-复现" class="headerlink" title="海豚音攻击-复现"></a>海豚音攻击-复现</h1><p>文章中提到两种方案,一是具有信号发生器的强大变送器,二是带有智能手机的便携式变送器;前一种方案成本过于高,本文不做分析,后一种方案的实现成本在我们可接收的范围。<br>但原文中对后一方案的实现没有太多介绍,于是我通过邮件咨询了作者-闫琛博士,闫博士非常友好,我是在晚上十点发送的第一封邮件,差不多在十分钟内通过几封邮件的交流,解决了我的问题,很快确定了我的具体实现路径,非常感谢大佬!</p>
|
||
<ul>
|
||
<li>Q: 使用便携式设备攻击的时候,三星Galaxy S6 Edge发送的高频声音信号是怎么生成的呢?是预先使用专业设备调制好的信号保存为mp3吗?</li>
|
||
<li>A: 通过软件调制,生成.wav的超声波音频文件,再通过三星手机播放的。</li>
|
||
<li>Q: 用的是什么软件进行调制?</li>
|
||
<li>A: 用过matlab和python,都是可以的</li>
|
||
</ul>
|
||
<h2 id="0x01-语音命令生成"><a href="#0x01-语音命令生成" class="headerlink" title="0x01 语音命令生成"></a>0x01 语音命令生成</h2><p><a href="https://ttstool.com/" target="_blank" rel="noopener">https://ttstool.com/</a><br>微软的TTS接口生成的是mp3格式音频,一般来说我们使用python处理音频都是针对wav格式。<br><a href="https://www.aconvert.com/cn/audio/mp3-to-wav/" target="_blank" rel="noopener">https://www.aconvert.com/cn/audio/mp3-to-wav/</a><br>我们可以通过这个网站对格式做转换。<br><a href="https://coolyim.quip.com/-/blob/OVVAAAmjZcr/Eq9qXdQ7_eD5KQaR33wCCw?name=xiaoyi.wav" target="_blank" rel="noopener">xiaoyi.wav</a><br>这个网站的采样率最高只能达到96000hz<br><a href="https://coolyim.quip.com/-/blob/OVVAAAmjZcr/aZfltfEV_ZxV1LCGznB1OA?name=6wxmu-crusr.wav" target="_blank" rel="noopener">6wxmu-crusr.wav</a></p>
|
||
<h2 id="0x02-语音命令调制"><a href="#0x02-语音命令调制" class="headerlink" title="0x02 语音命令调制"></a>0x02 语音命令调制</h2><p>生成语音命令的基带信号后,我们需要在超声载波上对其进行调制,以使它们听不到。 为了利用麦克风的非线性,DolphinAttack必须利用幅度调制(AM)。</p>
|
||
<h3 id="AM调制原理"><a href="#AM调制原理" class="headerlink" title="AM调制原理"></a>AM调制原理</h3><p>使载波的振幅按照所需传送信号的变化规律而变化,但频率保持不变的调制方法。调幅在有线电或无线电通信和广播中应用甚广。调幅是高频载波的振幅随信号改变的调制(AM)。其中,载波信号的振幅随着调制信号的某种特征的变换而变化。例如,0或1分别对应于无载波或有载波输出,电视的图像信号使用调幅。调频的抗干扰能力强,失真小,但服务半径小。<br>假设载波uc(t)和调制信号的频率分别为ωc和Ω,在已调波中包含三个频率成分:ωc、ωc+Ω和ωc-Ω。ωc+Ω称为上边频,ωc-Ω称为下边频。</p>
|
||
<p><a href="https://epxx.co/artigos/ammodulation.html" target="_blank" rel="noopener">https://epxx.co/artigos/ammodulation.html</a><br><a href="http://www.chenjianqu.com/show-44.html" target="_blank" rel="noopener">http://www.chenjianqu.com/show-44.html</a><br><a href="https://zhuanlan.zhihu.com/p/54561504" target="_blank" rel="noopener">https://zhuanlan.zhihu.com/p/54561504</a><br><a href="http://www.mwhitelab.com/archives/208" target="_blank" rel="noopener">http://www.mwhitelab.com/archives/208</a></p>
|
||
<h3 id="使用python调制"><a href="#使用python调制" class="headerlink" title="使用python调制"></a>使用python调制</h3><p>现在我们已经有了基带信号,使用<a href="https://www.fosshub.com/Audacity.html" target="_blank" rel="noopener">Audacity</a>对其进行频谱分析,此语音的带宽或频谱(左图为采样频率48khz音频,右图为96khz) :<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082052/Dolphin%20Attack/08_YW7UW_PS_TOE_LZZY.png" alt><br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082052/Dolphin%20Attack/WGD_U453KYP3M3_2639_5I.png" alt></p>
|
||
<p>我们可以看到带宽为8000-9000hz左右,这是女声,因此频带范围较宽。这可能导致可听范围内的频率泄露,但这里我们先不去讨论,之后再使用带宽较小的语音以创建基带语音信号。<br>wave包最多能读取的wav音频采样率为<a href="https://github.com/jiaaro/pydub/issues/134" target="_blank" rel="noopener">48khz</a>,当超过这个值时,wave就不再支持(wave.Error: unknown format: 65534)。但我们的载波频率为30khz左右,这就要求音频文件的采样率高于60khz才能保证不失真。所幸<a href="https://kite.com/python/docs/scipy.io.wavfile" target="_blank" rel="noopener"><code>scipy.io.wavfile</code></a>支持高于48khz的wav文件读取。<br>使用以下Python程序来生成调制的AM和AM-SC音频,AM是广播无线电调制的“正常”声音,它加上了载波;AM-SC则只是载波与原始信号的乘积。</p>
|
||
<figure class="highlight python"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># coding=utf-8</span></span><br><span class="line"><span class="keyword">import</span> numpy <span class="keyword">as</span> np</span><br><span class="line"><span class="keyword">import</span> matplotlib.pyplot <span class="keyword">as</span> plt</span><br><span class="line"><span class="keyword">import</span> os</span><br><span class="line"><span class="keyword">import</span> wave</span><br><span class="line"><span class="keyword">import</span> struct</span><br><span class="line"><span class="keyword">import</span> math</span><br><span class="line"><span class="keyword">from</span> pydub <span class="keyword">import</span> AudioSegment</span><br><span class="line"><span class="keyword">import</span> scipy.io.wavfile</span><br><span class="line"></span><br><span class="line"><span class="function"><span class="keyword">def</span> <span class="title">main</span><span class="params">()</span>:</span></span><br><span class="line"> test = scipy.io.wavfile.read(<span class="string">"xiaoyi.wav"</span>)</span><br><span class="line"> nframes = len(test[<span class="number">1</span>])</span><br><span class="line"> waveData = np.fromstring(test[<span class="number">1</span>],dtype=np.short)<span class="comment">#将原始字符数据转换为整数</span></span><br><span class="line"> <span class="comment">#音频数据归一化</span></span><br><span class="line"> maxW = max(abs(waveData))</span><br><span class="line"> waveData = waveData * <span class="number">1.0</span>/maxW</span><br><span class="line"> <span class="comment">#将音频信号规整乘每行一路通道信号的格式,即该矩阵一行为一个通道的采样点,共nchannels行</span></span><br><span class="line"> Tdata = np.reshape(waveData,[nframes,<span class="number">1</span>]).T <span class="comment"># .T 表示转置</span></span><br><span class="line"> am = wave.open(<span class="string">"am.wav"</span>, <span class="string">"w"</span>)</span><br><span class="line"> amsc = wave.open(<span class="string">"amsc.wav"</span>, <span class="string">"w"</span>)</span><br><span class="line"> carrier = wave.open(<span class="string">"carrier3000.wav"</span>, <span class="string">"w"</span>)</span><br><span class="line"> <span class="keyword">for</span> f <span class="keyword">in</span> [am,amsc,carrier]:</span><br><span class="line"> f.setnchannels(<span class="number">1</span>)</span><br><span class="line"> f.setsampwidth(<span class="number">2</span>)</span><br><span class="line"> f.setframerate(<span class="number">96000</span>)</span><br><span class="line"> <span class="keyword">for</span> n <span class="keyword">in</span> range(<span class="number">0</span>, nframes):</span><br><span class="line"> carrier_sample = math.cos(<span class="number">30000.0</span> * (n / <span class="number">96000.0</span>) * math.pi * <span class="number">2</span>)</span><br><span class="line"> signal_am = signal_amsc= waveData[n] * carrier_sample</span><br><span class="line"> signal_am += carrier_sample</span><br><span class="line"> signal_am /= <span class="number">2</span></span><br><span class="line"> am.writeframes(struct.pack(<span class="string">'h'</span>, signal_am * maxW))</span><br><span class="line"> amsc.writeframes(struct.pack(<span class="string">'h'</span>, signal_amsc * maxW))</span><br><span class="line"> carrier.writeframes(struct.pack(<span class="string">'h'</span>, carrier_sample * maxW))</span><br><span class="line"></span><br><span class="line"></span><br><span class="line"><span class="keyword">if</span> __name__==<span class="string">'__main__'</span>:</span><br><span class="line"> main()</span><br></pre></td></tr></table></figure>
|
||
<p>分别对am.wav、amsc.wav、carrier3000.wav做频谱分析<br>carrier3000.wav的频谱的为集中在载波频率30khz上的一个脉冲<a href="https://coolyim.quip.com/-/blob/OVVAAAmjZcr/9RE4Z0lCs1WACO75zLTAhA?name=carrier3000.wav" target="_blank" rel="noopener">carrier3000.wav</a><br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082051/Dolphin%20Attack/K5447O57_S___A_O_Q3V.png" alt><br>amsc.wav的带宽约为18khz,是原来的两倍,关于f=30khz镜面对称。AM调制会创建原始信号的两个“副本”,一个在21-30kHz频段,另一个在30-39kHz。<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082052/Dolphin%20Attack/OPSXK_21_7R24_I_NIWM0_8.png" alt></p>
|
||
<p>am.wav,在这种调制中,我们可以听到载波,而在AM-SC中则听不到。频谱类似于AM-SC,但在载波频率上还有一个尖锐的“尖峰”:<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082051/Dolphin%20Attack/G8_K4_ZG__PE2CQ_5_UYY.png" alt></p>
|
||
<h2 id="0x03-语音命令发送器"><a href="#0x03-语音命令发送器" class="headerlink" title="0x03 语音命令发送器"></a>0x03 语音命令发送器</h2><p>下图是由智能手机驱动的便携式发射器。便携式发射器利用智能手机来发射调制信号。许多设备的最佳载波频率都大于24 kHz, 大多数智能手机无法完成任务。大多数智能手机最多支持48 kHz采样率,所以只能发送载波频率最高为24 kHz的调制窄带信号。需要支持高达192 kHz的采样率的手机,而且扬声器会衰减频率大于20 kHz的信号。为了减轻这个问题,我使用窄带超声换能器作为扬声器,并在超声换能器之前添加了一个放大器,这样有效的攻击范围得以扩展。</p>
|
||
<p><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1610082508/Dolphin%20Attack/Snipaste_2021-01-08_13-06-55.png" alt></p>
|
||
|
||
|
||
</div>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<div>
|
||
<div style="padding: 10px 0; margin: 20px auto; width: 90%; text-align: center;">
|
||
<div>您的支持将鼓励我继续创作!</div>
|
||
<button id="rewardButton" disable="enable" onclick="var qr = document.getElementById('QR'); if (qr.style.display === 'none') {qr.style.display='block';} else {qr.style.display='none'}">
|
||
<span>打赏</span>
|
||
</button>
|
||
<div id="QR" style="display: none;">
|
||
|
||
|
||
<div id="wechat" style="display: inline-block">
|
||
<img id="wechat_qr" src="/images/Wechatpay.png" alt="Cool-Y 微信支付">
|
||
<p>微信支付</p>
|
||
</div>
|
||
|
||
|
||
|
||
<div id="alipay" style="display: inline-block">
|
||
<img id="alipay_qr" src="/images/Alipay.png" alt="Cool-Y 支付宝">
|
||
<p>支付宝</p>
|
||
</div>
|
||
|
||
|
||
|
||
|
||
</div>
|
||
</div>
|
||
|
||
</div>
|
||
|
||
|
||
|
||
<div>
|
||
<ul class="post-copyright">
|
||
<li class="post-copyright-author">
|
||
<strong>本文作者:</strong>
|
||
Cool-Y
|
||
</li>
|
||
<li class="post-copyright-link">
|
||
<strong>本文链接:</strong>
|
||
<a href="https://cool-y.github.io/2021/01/08/dolphin-attack-practice/" title="Dolphin Attack 论文复现">https://cool-y.github.io/2021/01/08/dolphin-attack-practice/</a>
|
||
</li>
|
||
<li class="post-copyright-license">
|
||
<strong>版权声明: </strong>
|
||
本博客所有文章除特别声明外,均采用 <a href="https://creativecommons.org/licenses/by-nc-sa/3.0/" rel="external nofollow" target="_blank">CC BY-NC-SA 3.0</a> 许可协议。转载请注明出处!
|
||
</li>
|
||
</ul>
|
||
|
||
</div>
|
||
|
||
|
||
<footer class="post-footer">
|
||
|
||
<div class="post-tags">
|
||
|
||
<a href="/tags/硬件攻击/" rel="tag"># 硬件攻击</a>
|
||
|
||
<a href="/tags/传感器/" rel="tag"># 传感器</a>
|
||
|
||
<a href="/tags/语音助手/" rel="tag"># 语音助手</a>
|
||
|
||
</div>
|
||
|
||
|
||
|
||
|
||
<div class="post-widgets">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<div id="needsharebutton-postbottom">
|
||
<span class="btn">
|
||
<i class="fa fa-share-alt" aria-hidden="true"></i>
|
||
</span>
|
||
</div>
|
||
|
||
</div>
|
||
|
||
|
||
|
||
|
||
<div class="post-nav">
|
||
<div class="post-nav-next post-nav-item">
|
||
|
||
<a href="/2021/01/08/Dolphin-Attack/" rel="next" title="Dolphin Attack 论文翻译">
|
||
<i class="fa fa-chevron-left"></i> Dolphin Attack 论文翻译
|
||
</a>
|
||
|
||
</div>
|
||
|
||
<span class="post-nav-divider"></span>
|
||
|
||
<div class="post-nav-prev post-nav-item">
|
||
|
||
<a href="/2021/01/08/Netgear-psv-2020-0211/" rel="prev" title="Netgear_栈溢出漏洞_PSV-2020-0211">
|
||
Netgear_栈溢出漏洞_PSV-2020-0211 <i class="fa fa-chevron-right"></i>
|
||
</a>
|
||
|
||
</div>
|
||
</div>
|
||
|
||
|
||
|
||
|
||
</footer>
|
||
</div>
|
||
|
||
|
||
|
||
</article>
|
||
|
||
|
||
|
||
<div class="post-spread">
|
||
|
||
</div>
|
||
</div>
|
||
|
||
|
||
</div>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<div class="comments" id="comments">
|
||
<div id="gitalk-container"></div>
|
||
</div>
|
||
|
||
|
||
|
||
|
||
|
||
</div>
|
||
|
||
|
||
|
||
<div class="sidebar-toggle">
|
||
<div class="sidebar-toggle-line-wrap">
|
||
<span class="sidebar-toggle-line sidebar-toggle-line-first"></span>
|
||
<span class="sidebar-toggle-line sidebar-toggle-line-middle"></span>
|
||
<span class="sidebar-toggle-line sidebar-toggle-line-last"></span>
|
||
</div>
|
||
</div>
|
||
|
||
<aside id="sidebar" class="sidebar">
|
||
|
||
<div id="sidebar-dimmer"></div>
|
||
|
||
<div class="sidebar-inner">
|
||
|
||
|
||
|
||
|
||
<ul class="sidebar-nav motion-element">
|
||
<li class="sidebar-nav-toc sidebar-nav-active" data-target="post-toc-wrap">
|
||
文章目录
|
||
</li>
|
||
<li class="sidebar-nav-overview" data-target="site-overview-wrap">
|
||
站点概览
|
||
</li>
|
||
</ul>
|
||
|
||
|
||
<section class="site-overview-wrap sidebar-panel">
|
||
<div class="site-overview">
|
||
<div class="site-author motion-element" itemprop="author" itemscope itemtype="http://schema.org/Person">
|
||
|
||
<img class="site-author-image" itemprop="image" src="/images/avatar.png" alt="Cool-Y">
|
||
|
||
<p class="site-author-name" itemprop="name">Cool-Y</p>
|
||
<p class="site-description motion-element" itemprop="description">Juice is temporary but Sauce is forever</p>
|
||
</div>
|
||
|
||
<nav class="site-state motion-element">
|
||
|
||
|
||
<div class="site-state-item site-state-posts">
|
||
|
||
<a href="/archives/">
|
||
|
||
<span class="site-state-item-count">31</span>
|
||
<span class="site-state-item-name">日志</span>
|
||
</a>
|
||
</div>
|
||
|
||
|
||
|
||
|
||
|
||
<div class="site-state-item site-state-categories">
|
||
<a href="/categories/index.html">
|
||
<span class="site-state-item-count">7</span>
|
||
<span class="site-state-item-name">分类</span>
|
||
</a>
|
||
</div>
|
||
|
||
|
||
|
||
|
||
|
||
<div class="site-state-item site-state-tags">
|
||
<a href="/tags/index.html">
|
||
<span class="site-state-item-count">55</span>
|
||
<span class="site-state-item-name">标签</span>
|
||
</a>
|
||
</div>
|
||
|
||
|
||
</nav>
|
||
|
||
|
||
<div class="feed-link motion-element">
|
||
<a href="/atom.xml" rel="alternate">
|
||
<i class="fa fa-rss"></i>
|
||
RSS
|
||
</a>
|
||
</div>
|
||
|
||
|
||
|
||
<div class="links-of-author motion-element">
|
||
|
||
<span class="links-of-author-item">
|
||
<a href="https://github.com/Cool-Y" target="_blank" title="GitHub">
|
||
|
||
<i class="fa fa-fw fa-github"></i>GitHub</a>
|
||
</span>
|
||
|
||
<span class="links-of-author-item">
|
||
<a href="mailto:cool.yim@whu.edu.cn" target="_blank" title="E-Mail">
|
||
|
||
<i class="fa fa-fw fa-envelope"></i>E-Mail</a>
|
||
</span>
|
||
|
||
<span class="links-of-author-item">
|
||
<a href="https://www.instagram.com/yan__han/" target="_blank" title="Instagram">
|
||
|
||
<i class="fa fa-fw fa-instagram"></i>Instagram</a>
|
||
</span>
|
||
|
||
</div>
|
||
|
||
|
||
<div id="music163player">
|
||
<iframe frameborder="no" border="0" marginwidth="0" marginheight="0" width="330" height="110" src="//music.163.com/outchain/player?type=4&id=334277093&auto=1&height=90"></iframe>
|
||
</div>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
</div>
|
||
</section>
|
||
|
||
|
||
<!--noindex-->
|
||
<section class="post-toc-wrap motion-element sidebar-panel sidebar-panel-active">
|
||
<div class="post-toc">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<div class="post-toc-content"><ol class="nav"><li class="nav-item nav-level-1"><a class="nav-link" href="#海豚音攻击-复现"><span class="nav-text">海豚音攻击-复现</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#0x01-语音命令生成"><span class="nav-text">0x01 语音命令生成</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#0x02-语音命令调制"><span class="nav-text">0x02 语音命令调制</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#AM调制原理"><span class="nav-text">AM调制原理</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#使用python调制"><span class="nav-text">使用python调制</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#0x03-语音命令发送器"><span class="nav-text">0x03 语音命令发送器</span></a></li></ol></li></ol></div>
|
||
|
||
|
||
</div>
|
||
</section>
|
||
<!--/noindex-->
|
||
|
||
|
||
|
||
|
||
</div>
|
||
</aside>
|
||
|
||
|
||
|
||
</div>
|
||
</main>
|
||
|
||
<footer id="footer" class="footer">
|
||
<div class="footer-inner">
|
||
<div class="copyright">© 2019 — <span itemprop="copyrightYear">2021</span>
|
||
<span class="with-love">
|
||
<i class="fa fa-user"></i>
|
||
</span>
|
||
<span class="author" itemprop="copyrightHolder">Cool-Y</span>
|
||
|
||
|
||
<span class="post-meta-divider">|</span>
|
||
<span class="post-meta-item-icon">
|
||
<i class="fa fa-area-chart"></i>
|
||
</span>
|
||
|
||
<span title="Site words total count">105.1k</span>
|
||
|
||
</div>
|
||
|
||
|
||
<div class="powered-by">由 <a class="theme-link" target="_blank" href="https://hexo.io">Hexo</a> 强力驱动</div>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<div class="busuanzi-count">
|
||
<script async src="//busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js"></script>
|
||
|
||
|
||
<span class="site-uv">
|
||
<i class="fa fa-user"></i>
|
||
<span class="busuanzi-value" id="busuanzi_value_site_uv"></span>
|
||
|
||
</span>
|
||
|
||
|
||
|
||
<span class="site-pv">
|
||
<i class="fa fa-eye"></i>
|
||
<span class="busuanzi-value" id="busuanzi_value_site_pv"></span>
|
||
|
||
</span>
|
||
|
||
</div>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
</div>
|
||
</footer>
|
||
|
||
|
||
<div class="back-to-top">
|
||
<i class="fa fa-arrow-up"></i>
|
||
|
||
<span id="scrollpercent"><span>0</span>%</span>
|
||
|
||
</div>
|
||
|
||
|
||
|
||
<div id="needsharebutton-float">
|
||
<span class="btn">
|
||
<i class="fa fa-share-alt" aria-hidden="true"></i>
|
||
</span>
|
||
</div>
|
||
|
||
|
||
</div>
|
||
|
||
|
||
|
||
<script type="text/javascript">
|
||
if (Object.prototype.toString.call(window.Promise) !== '[object Function]') {
|
||
window.Promise = null;
|
||
}
|
||
</script>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<script type="text/javascript" src="/lib/jquery/index.js?v=2.1.3"></script>
|
||
|
||
|
||
|
||
|
||
<script type="text/javascript" src="/lib/fastclick/lib/fastclick.min.js?v=1.0.6"></script>
|
||
|
||
|
||
|
||
|
||
<script type="text/javascript" src="/lib/jquery_lazyload/jquery.lazyload.js?v=1.9.7"></script>
|
||
|
||
|
||
|
||
|
||
<script type="text/javascript" src="/lib/velocity/velocity.min.js?v=1.2.1"></script>
|
||
|
||
|
||
|
||
|
||
<script type="text/javascript" src="/lib/velocity/velocity.ui.min.js?v=1.2.1"></script>
|
||
|
||
|
||
|
||
|
||
<script type="text/javascript" src="/lib/fancybox/source/jquery.fancybox.pack.js?v=2.1.5"></script>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<script type="text/javascript" src="/js/src/utils.js?v=5.1.4"></script>
|
||
|
||
<script type="text/javascript" src="/js/src/motion.js?v=5.1.4"></script>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<script type="text/javascript" src="/js/src/scrollspy.js?v=5.1.4"></script>
|
||
<script type="text/javascript" src="/js/src/post-details.js?v=5.1.4"></script>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<script type="text/javascript" src="/js/src/bootstrap.js?v=5.1.4"></script>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<!-- LOCAL: You can save these files to your site and update links -->
|
||
|
||
<link rel="stylesheet" href="https://unpkg.com/gitalk/dist/gitalk.css">
|
||
<script src="https://unpkg.com/gitalk/dist/gitalk.min.js"></script>
|
||
<!-- END LOCAL -->
|
||
|
||
|
||
<script type="text/javascript">
|
||
function renderGitalk(){
|
||
var gitalk = new Gitalk({
|
||
owner: 'Cool-Y',
|
||
repo: 'gitment-comments',
|
||
clientID: '180955a2c3ae3d966d9a',
|
||
clientSecret: '1c5db4da72df5e6fc318d12afe5f4406f7c54343',
|
||
admin: 'Cool-Y',
|
||
id: decodeURI(location.pathname),
|
||
|
||
distractionFreeMode: 'true'
|
||
|
||
});
|
||
gitalk.render('gitalk-container');
|
||
}
|
||
renderGitalk();
|
||
</script>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<script src="https://cdn1.lncld.net/static/js/av-core-mini-0.6.4.js"></script>
|
||
<script>AV.initialize("CnxMogaLcXQrm9Q03lF8XH7j-gzGzoHsz", "EHqNuJ6AYvuHnY6bN6w2SMXl");</script>
|
||
<script>
|
||
function showTime(Counter) {
|
||
var query = new AV.Query(Counter);
|
||
var entries = [];
|
||
var $visitors = $(".leancloud_visitors");
|
||
|
||
$visitors.each(function () {
|
||
entries.push( $(this).attr("id").trim() );
|
||
});
|
||
|
||
query.containedIn('url', entries);
|
||
query.find()
|
||
.done(function (results) {
|
||
var COUNT_CONTAINER_REF = '.leancloud-visitors-count';
|
||
|
||
if (results.length === 0) {
|
||
$visitors.find(COUNT_CONTAINER_REF).text(0);
|
||
return;
|
||
}
|
||
|
||
for (var i = 0; i < results.length; i++) {
|
||
var item = results[i];
|
||
var url = item.get('url');
|
||
var time = item.get('time');
|
||
var element = document.getElementById(url);
|
||
|
||
$(element).find(COUNT_CONTAINER_REF).text(time);
|
||
}
|
||
for(var i = 0; i < entries.length; i++) {
|
||
var url = entries[i];
|
||
var element = document.getElementById(url);
|
||
var countSpan = $(element).find(COUNT_CONTAINER_REF);
|
||
if( countSpan.text() == '') {
|
||
countSpan.text(0);
|
||
}
|
||
}
|
||
})
|
||
.fail(function (object, error) {
|
||
console.log("Error: " + error.code + " " + error.message);
|
||
});
|
||
}
|
||
|
||
function addCount(Counter) {
|
||
var $visitors = $(".leancloud_visitors");
|
||
var url = $visitors.attr('id').trim();
|
||
var title = $visitors.attr('data-flag-title').trim();
|
||
var query = new AV.Query(Counter);
|
||
|
||
query.equalTo("url", url);
|
||
query.find({
|
||
success: function(results) {
|
||
if (results.length > 0) {
|
||
var counter = results[0];
|
||
counter.fetchWhenSave(true);
|
||
counter.increment("time");
|
||
counter.save(null, {
|
||
success: function(counter) {
|
||
var $element = $(document.getElementById(url));
|
||
$element.find('.leancloud-visitors-count').text(counter.get('time'));
|
||
},
|
||
error: function(counter, error) {
|
||
console.log('Failed to save Visitor num, with error message: ' + error.message);
|
||
}
|
||
});
|
||
} else {
|
||
var newcounter = new Counter();
|
||
/* Set ACL */
|
||
var acl = new AV.ACL();
|
||
acl.setPublicReadAccess(true);
|
||
acl.setPublicWriteAccess(true);
|
||
newcounter.setACL(acl);
|
||
/* End Set ACL */
|
||
newcounter.set("title", title);
|
||
newcounter.set("url", url);
|
||
newcounter.set("time", 1);
|
||
newcounter.save(null, {
|
||
success: function(newcounter) {
|
||
var $element = $(document.getElementById(url));
|
||
$element.find('.leancloud-visitors-count').text(newcounter.get('time'));
|
||
},
|
||
error: function(newcounter, error) {
|
||
console.log('Failed to create');
|
||
}
|
||
});
|
||
}
|
||
},
|
||
error: function(error) {
|
||
console.log('Error:' + error.code + " " + error.message);
|
||
}
|
||
});
|
||
}
|
||
|
||
$(function() {
|
||
var Counter = AV.Object.extend("Counter");
|
||
if ($('.leancloud_visitors').length == 1) {
|
||
addCount(Counter);
|
||
} else if ($('.post-title-link').length > 1) {
|
||
showTime(Counter);
|
||
}
|
||
});
|
||
</script>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<script>
|
||
(function(){
|
||
var bp = document.createElement('script');
|
||
var curProtocol = window.location.protocol.split(':')[0];
|
||
if (curProtocol === 'https') {
|
||
bp.src = 'https://zz.bdstatic.com/linksubmit/push.js';
|
||
}
|
||
else {
|
||
bp.src = 'http://push.zhanzhang.baidu.com/push.js';
|
||
}
|
||
var s = document.getElementsByTagName("script")[0];
|
||
s.parentNode.insertBefore(bp, s);
|
||
})();
|
||
</script>
|
||
|
||
|
||
|
||
|
||
|
||
<link rel="stylesheet" href="/lib/needsharebutton/needsharebutton.css">
|
||
|
||
|
||
|
||
<script src="/lib/needsharebutton/needsharebutton.js"></script>
|
||
|
||
<script>
|
||
|
||
pbOptions = {};
|
||
|
||
pbOptions.iconStyle = "box";
|
||
|
||
pbOptions.boxForm = "horizontal";
|
||
|
||
pbOptions.position = "bottomCenter";
|
||
|
||
pbOptions.networks = "Weibo,Wechat,Douban,QQZone,Twitter,Facebook";
|
||
|
||
new needShareButton('#needsharebutton-postbottom', pbOptions);
|
||
|
||
|
||
flOptions = {};
|
||
|
||
flOptions.iconStyle = "box";
|
||
|
||
flOptions.boxForm = "horizontal";
|
||
|
||
flOptions.position = "middleRight";
|
||
|
||
flOptions.networks = "Weibo,Wechat,Douban,QQZone,Twitter,Facebook";
|
||
|
||
new needShareButton('#needsharebutton-float', flOptions);
|
||
|
||
</script>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<script type="text/javascript" src="/js/src/js.cookie.js?v=5.1.4"></script>
|
||
<script type="text/javascript" src="/js/src/scroll-cookie.js?v=5.1.4"></script>
|
||
|
||
|
||
|
||
|
||
</body>
|
||
</html>
|