Protect Sensitive Information against Channel State Information Based Attacks

Zhang, Jie; Tang, Zhanyong; Li, Rong; Liu, Chen; Gong, Xiaoqing; Fang, Dingyi; Wang, Zheng

doi:10.1109/cse-euc.2017.221

Cited by 8 publications

(10 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Wi‐Fi CSI is revealed to be very beneficial in carrying out security and privacy attacks in both home and public Wi‐Fi infrastructure. Through the analysis of how the finger and hand motions influence CSI, CSI‐based attacks are seen to be able to rebuild on‐screen or text‐based passwords successfully, and on‐screen login patterns and on‐screen login patterns 52 …”

Section: Potential Abuse Of Wi‐fi Signalsmentioning

confidence: 99%

Unauthorized and privacy‐intrusive human activity watching through Wi‐Fi signals: An emerging cybersecurity threat

Zhao

Bhuiyan

et al. 2022

Concurrency and Computation

View full text Add to dashboard Cite

Summary Nowadays, wireless radio signals are ubiquitous and are around us; some signals pass through us, and some reflect off us. Substantial advancements in recent years demonstrate that such signals are utilized for diverse emerging applications, including people activity, motion watches, healthcare, and so forth. A few questions would be that may raise severe concerns in future cybersecurity and private domains. For example, what if Wi‐Fi signals are utilized to watch a person doings and actions, which are mostly without the person's authorization and authentication. How far such signal utilization can attack privacy intrusively, silently, more particularly, what/where we do, say, command, see, write, draw, go, perform, everything can be known. In this article, we investigate watching human activities by leveraging Wi‐Fi signals and discuss a few application prototypes. We attempt to learn whether or not attackers have the ability to passively watch our Internet activity as well as physical activities and motions through Wi‐Fi. With all‐new advances, one must be aware that cyberattackers may apply unauthorized use of these advances to their benefit. We discuss some of the countermeasures and approaches to mitigate these risks with Wi‐Fi signal leveraging.

show abstract

Section: Potential Abuse Of Wi‐fi Signalsmentioning

confidence: 99%

Unauthorized and privacy‐intrusive human activity watching through Wi‐Fi signals: An emerging cybersecurity threat

Zhao

Bhuiyan

et al. 2022

Concurrency and Computation

View full text Add to dashboard Cite

show abstract

“…The high frequent data exchange ensures that the attacker can obtain the user's input with a high resolution. Our work leverages this pattern to detect potential CSI-based attacks by monitoring the number of ICMP packets sent within an observation window [34].…”

Section: Risk Assessmentmentioning

confidence: 99%

“…several typical strategies used by the participants, such as people often picked the top left corner as a starting point and prefer straight lines, the graphical patterns used in the experiments are chosen according to the strategies and they were also used in prior work [31,34]. The structure of these patterns ranges from simple to complex.…”

Section: P1 P2mentioning

confidence: 99%

“…Our key insight is that any CSI-based attack relies on high-quality CSI measurements collected during the input of sensitive information; and if we can quantify the quality of the CSI measurements, and guide the user to a location where the CSI readings will be inherently noisy, the attack will unlikely to be successful. Our countermeasure detects the attack by monitoring the network traffics [34]. We define a signal to noise (SNR) metric of CSI readings from the attack's perspective, which is used by our countermeasure to quantify how likely a CSI-based attack will succeed in the current physical environment.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Find me a safe zone: A countermeasure for channel state information based attacks

Zhang

Tang

et al. 2019

Computers & Security

Self Cite

View full text Add to dashboard Cite

Recently, channel state information (CSI) is shown to be an effective side-channel to perform attacks in public environments. Prior work has demonstrated that by analyzing how the CSI measurements of the wireless signal are affected by the mobile user's finger movements or gestures, an attacker can recover the user's input with a high success rate. Furthermore, the setup of this new attack is trivial, where the adversary only needs to place one or two malicious wireless devices near the target user. It would be difficult for many users to identify the nearby malicious devices while they want to continue to use mobile applications in public places. This dilemma makes protection of CSI-based attacks an urgent need. This article presents the first countermeasure for CSI-based attacks. Our key insight is that the success of any CSI-based attack requires high-quality CSI measurements; and we can significantly reduce the risk of information leakage by directing the user to a nearby location where the CSI readings are inherently noisy. To this end, we develop a regression based method to assess the risk of CSI-based attacks and exploit a well-established localization technique to identify potential malicious wireless devices. We then use this information to guide the user to a safe zone. We evaluate our approach by applying it to protect pattern lock and keystrokes in various indoor and outdoor environments. Experimental results show that our approach can effectively protect mobile users against CSI-based attacks.

show abstract

“…However, it is not safe to use mobile devices in such an environment, because by analyzing the influence of user's finger movements on channel state information (CSI) when the user enters the password, the attackers can steal user's sensitive information, such as passwords, PINs, security codes, etc. We call this kind of attack a "CSI-based attack" [1].…”

Section: Introductionmentioning

confidence: 99%

Defeat Your Enemy Hiding behind Public WiFi: WiGuard Can Protect Your Sensitive Information from CSI-Based Attack

Zhang

Tang

et al. 2018

Applied Sciences

Self Cite

View full text Add to dashboard Cite

The extended version makes the following additional contributions over the conference paper: (1) it provides a more detailed description of the attack; (2) it describes how the user uses WiGuard to protect sensitive information and gives the user a choice for the position and channel to optimize the system performance; (3) it provides new experimental results to evaluate the influence of the packet loss rate on the success rate and provides proof for the channel switch; (4) it adds a new experiment to evaluate the diversity of the attacker wireless transmitter; (5) it includes new results to compare the recognition results with and without channel interference. ‡ Jie Zhang and Meng Li are co-first authors.

show abstract

Protect Sensitive Information against Channel State Information Based Attacks

Cited by 8 publications

References 14 publications

Unauthorized and privacy‐intrusive human activity watching through Wi‐Fi signals: An emerging cybersecurity threat

Unauthorized and privacy‐intrusive human activity watching through Wi‐Fi signals: An emerging cybersecurity threat

Find me a safe zone: A countermeasure for channel state information based attacks

Defeat Your Enemy Hiding behind Public WiFi: WiGuard Can Protect Your Sensitive Information from CSI-Based Attack

Contact Info

Product

Resources

About