Security Analysis of WiFi-based Sensing Systems: Threats from Perturbation Attacks

TL;DR

This paper introduces WiIntruder, a universal, robust, and stealthy adversarial attack on WiFi-based sensing systems, revealing significant security vulnerabilities in applications like authentication and health monitoring.

Contribution

The paper presents WiIntruder, a novel perturbation attack method that is universal, robust, and stealthy, specifically designed to exploit vulnerabilities in WiFi sensing systems.

Findings

WiIntruder effectively compromises WiFi sensing applications.

The attack demonstrates high transferability across models.

Experimental results confirm practical security threats.

Abstract

Deep learning technologies are pivotal in enhancing the performance of WiFi-based wireless sensing systems. However, they are inherently vulnerable to adversarial perturbation attacks, and regrettably, there is lacking serious attention to this security issue within the WiFi sensing community. In this paper, we elaborate such an attack, called WiIntruder, distinguishing itself with universality, robustness, and stealthiness, which serves as a catalyst to assess the security of existing WiFi-based sensing systems. This attack encompasses the following salient features: (1) Maximizing transferability by differentiating user-state-specific feature spaces across sensing models, leading to a universally effective perturbation attack applicable to common applications; (2) Addressing perturbation signal distortion caused by device synchronization and wireless propagation when critical parameters are optimized through a heuristic particle swarm-driven perturbation generation algorithm; and (3) Enhancing attack pattern diversity and stealthiness through random switching of perturbation surrogates generated by a generative adversarial network. Extensive experimental results confirm the practical threats of perturbation attacks to common WiFi-based services, including user authentication and respiratory monitoring.