(Note: This is a fictionalized account of how a journalist may have covered the paper, “Violating Privacy Through Walls by Passive Monitoring of
Radio Windows” by Arijit Banerjee et. al. None of the quotations below are true and must be interpreted as fiction only.)
University of Utah
In a new study, researchers at the University of Utah show that wi-fi signals can be used from the outside of a building to spy on humans moving inside.
“Despite having secure and encrypted data transmission protocols, wi-fi signals still leak a lot of information about the environment,” says the first author of the study. “Our work shows that this information can be exploited to compromise the privacy of people moving inside buildings.”
The difference between privacy and security is subtle, but important to understand in this digital era. In the context of wireless data transmission, a security attack involves intercepting the data being sent, regardless of its content. However, user privacy would only be compromised if any aspect of the data transmission gives the attacker some additional information about the person transmitting the data. For instance, locating a person and their motion without their approval would constitute a violation of that person’s privacy. Building on similar ideas, the researchers study the possibility of compromising the location privacy of humans moving inside a building.
“Our project and the concerns it raises fit neatly within the recent surge of interest in using wireless signals to see through walls,” says the senior principal investigator associated with the research. “Such systems may clearly violate user privacy by forming unauthorized images of objects or humans inside buildings.”
Most of these systems use active elements that both transmit and receive wireless signals. However, detecting such transmissions is easy, and a device located inside can take measures to prevent detection by jamming these signals.
“The passive scenario is more interesting, where the eavesdropping devices only receive wireless signals without transmitting any,” says the lead author. “To the best of our knowledge, no other study besides ours has studied passive privacy attacks. We show that it indeed is possible to infer crude user location parameters passively from outside a building, simply by analyzing the wi-fi signals a router may be transmitting inside.”
Their attack begins with a malicious user deploying multiple passive wireless devices on the outside of a building. The researchers assume the presence of at least one wi-fi transmitter inside the building, an exceedingly common scenario these days. Each device outside forms a wireless link with every transmitter inside; and by measuring the changes in these wireless links’ characteristics, the researchers are able to infer the presence or absence of a human being and the person’s direction of motion. For simplicity, their method assumes at most one person to be moving inside the the building.
“The main idea is that any wireless device can monitor the link strength between itself and a transmitter, regardless of having access to the data being sent. Thus, by measuring the variation in link strength over time, we get important clues about a person’s movements inside. This is because a person weakens the link strength as he or she cross the line joining the transmitter and receiver,” says the lead author. “We are also able to infer the direction of motion by deploying multiple passive devices and noting the time instants when each link gets crossed.”
To monitor link strength, the researchers use either the received signal strength, RSS, or the channel state information, CSI. Both these metrics are measurable at any receiver deployed in a transmitter’s range.
“Our method is able to detect a person and infer his or her movement with nearly 100% accuracy,” says the lead author. “We are now working to extend our algorithm to detect multiple moving humans.”
“What’s concerning is the lack of research on preventing such attacks,” says a senior researcher involved in the study. “As our work shows, the threat of being passively monitored is real, but thwarting such attacks is still an open problem. We hope our work will inspire the wireless community to come up with possible countermeasures in the near future.”
###
