{"id":"https://openalex.org/W4384158257","doi":"https://doi.org/10.1109/aiiot58121.2023.10174411","title":"An Empirical Study of Alexa Skill System from Malicious Skill Developers","display_name":"An Empirical Study of Alexa Skill System from Malicious Skill Developers","publication_year":2023,"publication_date":"2023-06-07","ids":{"openalex":"https://openalex.org/W4384158257","doi":"https://doi.org/10.1109/aiiot58121.2023.10174411"},"language":"en","primary_location":{"id":"doi:10.1109/aiiot58121.2023.10174411","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/aiiot58121.2023.10174411","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE World AI IoT Congress (AIIoT)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5060857448","display_name":"Michael Snodgrass","orcid":"https://orcid.org/0000-0002-3691-5953"},"institutions":[{"id":"https://openalex.org/I226560621","display_name":"California State University, San Marcos","ror":"https://ror.org/01j8e0j24","country_code":"US","type":"education","lineage":["https://openalex.org/I226560621"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Michael Snodgrass","raw_affiliation_strings":["California State University San Marcos,Department of Computer Science and Information Systems,San Marcos,California,92096"],"affiliations":[{"raw_affiliation_string":"California State University San Marcos,Department of Computer Science and Information Systems,San Marcos,California,92096","institution_ids":["https://openalex.org/I226560621"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100324131","display_name":"Yanyan Li","orcid":"https://orcid.org/0000-0002-4449-4773"},"institutions":[{"id":"https://openalex.org/I226560621","display_name":"California State University, San Marcos","ror":"https://ror.org/01j8e0j24","country_code":"US","type":"education","lineage":["https://openalex.org/I226560621"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yanyan Li","raw_affiliation_strings":["California State University San Marcos,Department of Computer Science and Information Systems,San Marcos,California,92096"],"affiliations":[{"raw_affiliation_string":"California State University San Marcos,Department of Computer Science and Information Systems,San Marcos,California,92096","institution_ids":["https://openalex.org/I226560621"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5060857448"],"corresponding_institution_ids":["https://openalex.org/I226560621"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.13503285,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"0481","last_page":"0486"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9936000108718872,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9936000108718872,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9700000286102295,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12016","display_name":"Web Data Mining and Analysis","score":0.9663000106811523,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8088898658752441},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.7481422424316406},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.6158484816551208},{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.5718231201171875},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4707183241844177},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.46853843331336975},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.45570406317710876},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4455842077732086},{"id":"https://openalex.org/keywords/multimedia","display_name":"Multimedia","score":0.3570288121700287},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.3442690372467041},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.23034882545471191},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.14251601696014404},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.07647919654846191}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8088898658752441},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.7481422424316406},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.6158484816551208},{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.5718231201171875},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4707183241844177},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.46853843331336975},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.45570406317710876},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4455842077732086},{"id":"https://openalex.org/C49774154","wikidata":"https://www.wikidata.org/wiki/Q131765","display_name":"Multimedia","level":1,"score":0.3570288121700287},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.3442690372467041},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.23034882545471191},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.14251601696014404},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.07647919654846191},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/aiiot58121.2023.10174411","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/aiiot58121.2023.10174411","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE World AI IoT Congress (AIIoT)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6499999761581421,"id":"https://metadata.un.org/sdg/4","display_name":"Quality Education"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W2889270945","https://openalex.org/W2889851986","https://openalex.org/W2933426098","https://openalex.org/W2962583216","https://openalex.org/W3000201859","https://openalex.org/W3012726906","https://openalex.org/W3081818170","https://openalex.org/W3096559598","https://openalex.org/W3127827332","https://openalex.org/W3139099451","https://openalex.org/W3139304922","https://openalex.org/W3211832054","https://openalex.org/W4205271649","https://openalex.org/W4300824008","https://openalex.org/W4321383450","https://openalex.org/W6754404224","https://openalex.org/W6773310032","https://openalex.org/W6782698827","https://openalex.org/W6790672053"],"related_works":["https://openalex.org/W4366502726","https://openalex.org/W2023038964","https://openalex.org/W2075358766","https://openalex.org/W2981036578","https://openalex.org/W2150889667","https://openalex.org/W3190536237","https://openalex.org/W4233984944","https://openalex.org/W195300121","https://openalex.org/W2017602249","https://openalex.org/W2022927028"],"abstract_inverted_index":{"Amazon":[0],"Alexa":[1,63,111,133],"is":[2,45],"a":[3,33,67],"cloud-based":[4],"voice":[5,19,25,40,143],"service":[6],"that":[7,30],"allows":[8],"users":[9],"to":[10,38,75,104,125,128],"control":[11],"other":[12,77],"devices,":[13],"such":[14],"as":[15,28],"smart":[16],"lights,":[17],"using":[18],"commands.":[20],"It":[21],"relies":[22],"on":[23,32,91],"different":[24],"applications,":[26],"known":[27],"\"skills\",":[29],"run":[31],"cloud":[34],"backend":[35],"and":[36,48,84,115,136,140],"respond":[37],"user":[39],"requests.":[41],"However,":[42],"this":[43],"process":[44,83],"not":[46],"flawless":[47],"there":[49],"are":[50,101],"several":[51],"places":[52],"where":[53],"issues":[54,60,130],"could":[55],"happen.":[56],"This":[57],"paper":[58],"examines":[59],"in":[61,109,131],"the":[62,73,80,85,102,110,132,138],"skill":[64,69,81,92,112,134],"ecosystem":[65,135],"from":[66],"malicious":[68,88],"developer\u2019s":[70],"perspective,":[71],"including":[72],"ability":[74],"override":[76],"skills":[78],"during":[79],"invocation":[82],"threats":[86],"of":[87,142],"scripts":[89],"running":[90],"description":[93,113],"pages":[94],"through":[95],"cross-site":[96],"scripting":[97],"(XSS)":[98],"vulnerabilities.":[99],"We":[100],"first":[103],"identify":[105],"an":[106],"XSS":[107],"vulnerability":[108],"page,":[114],"our":[116],"finding":[117],"was":[118],"confirmed":[119],"by":[120],"Amazon.":[121],"Our":[122],"research":[123],"aims":[124],"bring":[126],"attention":[127],"these":[129],"improve":[137],"security":[139],"reliability":[141],"applications.":[144]},"counts_by_year":[],"updated_date":"2025-12-24T23:09:58.560324","created_date":"2025-10-10T00:00:00"}