ABSTRACT
The emerging reconfigurable intelligent surface (RIS) technique introduces novel threats to wireless sensing owing to its channel customization ability. Unlike active radios, the RIS's interference behaves akin to natural reflections, exhibiting a higher level of stealthiness and difficulty in detection. However, the majority of current RIS-based attacks lack generalizability to real-world scenarios, as they assume complete coverage of the RIS over objects and develop their techniques within electromagnetic-controlled environments such as an anechoic chamber. To bridge this gap, we present RIStealth, a practical and covert attack that leverages RIS technology to render a moving individual undetectable by WiFi-based intrusion detection systems in real-life scenarios. RIStealth integrates the strengths of both motion reduction and threshold lifting strategies to address challenges of limited RIS affordability, constrained cooperation in adversary settings, and complex and unpredictable environments. Through real-world evaluations conducted with our RIS prototype, we demonstrate that RIStealth effectively reduces the victim's intrusion detection rate from 95.1% to 16.4%. Our findings shed light on the practical threats posed by RIS, thereby encouraging further countermeasure development.
- Venkat Arun and Hari Balakrishnan. 2020. RFocus: Beamforming Using Thousands of Passive Antennas.. In NSDI. 1047--1061.Google Scholar
- Saeed Bagherinejad and S Mohammad Razavizadeh. 2021. Direction-based jamming detection and suppression in mmWave massive MIMO networks. IET Communications 15, 14 (2021), 1780--1790.Google ScholarDigital Library
- Justin Chan, Changxi Zheng, and Xia Zhou. 2015. 3D Printing Your Wireless Coverage. In Proceedings of the 2nd International Workshop on Hot Topics in Wireless (Paris, France) (HotWireless '15). Association for Computing Machinery, New York, NY, USA, 1--5. Google ScholarDigital Library
- Lili Chen, Wenjun Hu, Kyle Jamieson, Xiaojiang Chen, Dingyi Fang, and Jeremy Gummeson. 2021. Pushing the Physical Limits of IoT Devices with Programmable Metasurfaces.. In NSDI. 425--438.Google Scholar
- Xi Chen, Chen Ma, Michel Allegue, and Xue Liu. 2017. Taming the inconsistency of Wi-Fi fingerprints for device-free passive indoor localization. In IEEE INFOCOM 2017-IEEE Conference on Computer Communications. IEEE, 1--9.Google ScholarCross Ref
- Yingying Chen, Wade Trappe, and Richard P Martin. 2007. Attack detection in wireless localization. In IEEE INFOCOM 2007-26th IEEE International Conference on Computer Communications. IEEE, 1964--1972.Google ScholarDigital Library
- Qiang Cheng, Lei Zhang, Jun Yan Dai, Wankai Tang, Jun Chen Ke, Shuo Liu, Jing Cheng Liang, Shi Jin, and Tie Jun Cui. 2022. Reconfigurable Intelligent Surfaces: Simplified-Architecture Transmitters---From Theory to Implementations. Proc. IEEE 110, 9 (2022), 1266--1289. Google ScholarCross Ref
- Marco Cominelli, Francesco Gringoli, and Renato Lo Cigno. 2022. AntiSense: Standard-compliant CSI obfuscation against unauthorized Wi-Fi sensing. Computer Communications 185 (2022), 92--103.Google ScholarDigital Library
- Tie Jun Cui, Shuo Liu, and Lei Zhang. 2017. Information metamaterials and metasurfaces. Journal of materials chemistry C 5, 15 (2017), 3644--3668.Google ScholarCross Ref
- Tie Jun Cui, Mei Qing Qi, Xiang Wan, Jie Zhao, and Qiang Cheng. 2014. Coding metamaterials, digital metamaterials and programmable metamaterials. Light: science & applications 3, 10 (2014), e218--e218.Google Scholar
- Huijuan Dai, Yongjiu Zhao, Huangyan Li, Jiaqing Chen, Zheng He, and Wenjun Qi. 2019. An ultra-wide band polarization-independent random coding Metasurface for RCS reduction. Electronics 8, 10 (2019), 1104.Google ScholarCross Ref
- Linglong Dai, Bichai Wang, Min Wang, Xue Yang, Jingbo Tan, Shuangkaisheng Bi, Shenheng Xu, Fan Yang, Zhi Chen, Marco Di Renzo, et al. 2020. Reconfigurable intelligent surface-based wireless communications: Antenna design, prototyping, and experimental results. IEEE access 8 (2020), 45913--45923.Google Scholar
- Enjie Ding, Xiansheng Li, Tong Zhao, Lei Zhang, and Yanjun Hu. 2018. A robust passive intrusion detection system with commodity WiFi devices. Journal of Sensors 2018 (2018).Google Scholar
- Manideep Dunna, Chi Zhang, Daniel Sievenpiper, and Dinesh Bharadia. 2020. ScatterMIMO: Enabling virtual MIMO with smart surfaces. In Proceedings of the 26th Annual International Conference on Mobile Computing and Networking. 1--14.Google ScholarDigital Library
- Chao Feng, Xinyi Li, Yangfan Zhang, Xiaojing Wang, Liqiong Chang, Fuwei Wang, Xinyu Zhang, and Xiaojiang Chen. 2021. RFlens: Metasurface-Enabled Beamforming for IoT Communication and Sensing. In Proceedings of the 27th Annual International Conference on Mobile Computing and Networking (New Orleans, Louisiana) (MobiCom '21). Association for Computing Machinery, New York, NY, USA, 587--600. Google ScholarDigital Library
- Zi Feng, Jianxia Ning, Ioannis Broustis, Konstantinos Pelechrinis, Srikanth V. Krishnamurthy, and Michalis Faloutsos. 2011. Coping with packet replay attacks in wireless networks. In 2011 8th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks. 368--376. Google ScholarCross Ref
- Mohammad-Javad Haji-Ahmadi, Vahid Nayyeri, Mohammad Soleimani, and Omar M Ramahi. 2017. Pixelated checkerboard metasurface for ultra-wideband radar cross section reduction. Scientific Reports 7, 1 (2017), 1--12.Google ScholarCross Ref
- Daniel Halperin, Wenjun Hu, Anmol Sheth, and David Wetherall. 2011. Tool release: Gathering 802.11 n traces with channel state information. ACM SIGCOMM computer communication review 41, 1 (2011), 53--53.Google ScholarDigital Library
- Jiang Haofeng and Gong Xiaorui. 2019. Wi-Fi Secure Access Control System Based on Geo-fence. In 2019 IEEE Symposium on Computers and Communications (ISCC). 1--6. Google ScholarCross Ref
- Yuqian Hu, Muhammed Zahid Ozturk, Beibei Wang, Chenshu Wu, Feng Zhang, and KJ Ray Liu. 2022. Robust Passive Proximity Detection Using Wi-Fi. IEEE Internet of Things Journal 10, 7 (2022), 6221--6234.Google ScholarCross Ref
- Sunakshi Jaitly, Harshit Malhotra, and Bharat Bhushan. 2017. Security vulnerabilities and countermeasures against jamming attacks in Wireless Sensor Networks: A survey. In 2017 International Conference on Computer, Communications and Electronics (Comptelix). IEEE, 559--564.Google ScholarCross Ref
- T. Karhima, A. Silvennoinen, M. Hall, and S.-G. Haggman. 2004. IEEE 802.11b/g WLAN tolerance to jamming. In IEEE MILCOM 2004. Military Communications Conference, 2004., Vol. 3. 1364--1370 Vol. 3. Google ScholarCross Ref
- J Clayton Kerce, George C Brown, and Mark A Mitchell. 2007. Phase-only transmit beam broadening for improved radar search performance. In 2007 IEEE Radar Conference. IEEE, 451--456.Google ScholarCross Ref
- Ahmed E Kosba, Ahmed Saeed, and Moustafa Youssef. 2012. RASID: A robust WLAN device-free passive motion detection system. In 2012 IEEE International Conference on Pervasive Computing and Communications. IEEE, 180--189.Google Scholar
- Shengjie Li, Xiang Li, Kai Niu, Hao Wang, Yue Zhang, and Daqing Zhang. 2017. Ar-alarm: An adaptive and robust intrusion detection system leveraging csi from commodity wi-fi. In Enhanced Quality of Life and Smart Living: 15th International Conference, ICOST 2017, Paris, France, August 29--31, 2017, Proceedings 15. Springer, 211--223.Google ScholarCross Ref
- Xinyi Li, Chao Feng, Fengyi Song, Chenghan Jiang, Yangfan Zhang, Ke Li, Xinyu Zhang, and Xiaojiang Chen. 2022. Protego: securing wireless communication via programmable metasurface. In Proceedings of the 28th Annual International Conference on Mobile Computing And Networking. 55--68.Google ScholarDigital Library
- Zang Li, Wade Trappe, Yanyong Zhang, and Badri Nath. 2005. Robust statistical methods for securing wireless localization in sensor networks. In IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005. IEEE, 91--98.Google Scholar
- Yuxiang Lin, Yi Gao, Bingji Li, and Wei Dong. 2020. Revisiting indoor intrusion detection with WiFi signals: do not panic over a pet! IEEE Internet of Things Journal 7, 10 (2020), 10437--10449.Google Scholar
- Linksys. 2019. Linksys Aware. https://www.linksys.com/for-home/software-and-services/linksys-aware/Google Scholar
- Xiao Liu, Jun Gao, Liming Xu, Xiangyu Cao, Yi Zhao, and Sijia Li. 2016. A coding diffuse metasurface for RCS reduction. IEEE Antennas and wireless propagation letters 16 (2016), 724--727.Google Scholar
- Xi Liu, Anmol Sheth, Michael Kaminsky, Konstantina Papagiannaki, Srinivasan Seshan, and Peter Steenkiste. 2009. DIRC: Increasing Indoor Wireless Capacity Using Directional Antennas. In Proceedings of the ACM SIGCOMM 2009 Conference on Data Communication (Barcelona, Spain) (SIGCOMM '09). Association for Computing Machinery, New York, NY, USA, 171--182. Google ScholarDigital Library
- Xi Liu, Anmol Sheth, Michael Kaminsky, Konstantina Papagiannaki, Srinivasan Seshan, and Peter Steenkiste. 2010. Pushing the Envelope of Indoor Wireless Spatial Reuse Using Directional Access Points and Clients. In Proceedings of the Sixteenth Annual International Conference on Mobile Computing and Networking (Chicago, Illinois, USA) (MobiCom '10). Association for Computing Machinery, New York, NY, USA, 209--220. Google ScholarDigital Library
- Jiguang Lv, Dapeng Man, Wu Yang, Liangyi Gong, Xiaojiang Du, and Miao Yu. 2019. Robust device-free intrusion detection using physical layer information of WiFi signals. Applied Sciences 9, 1 (2019), 175.Google ScholarCross Ref
- Akila Murugesan, Krishnasamy T Selvan, Ashwin Iyer, Kumar Vaibhav Srivastava, and Arokiaswami Alphones. 2021. A review of metasurface-assisted RCS reduction techniques. Progress In Electromagnetics Research B 94 (2021), 75--103.Google ScholarCross Ref
- Inc. Origin Wireless. 2021. Hex Home Smart Home Security System. https://myhexhome.com/Google Scholar
- Xilong Pei, Haifan Yin, Li Tan, Lin Cao, Zhanpeng Li, Kai Wang, Kun Zhang, and Emil Björnson. 2021. RIS-Aided Wireless Communications: Prototyping, Adaptive Beamforming, and Indoor/Outdoor Field Trials. IEEE Transactions on Communications 69, 12 (2021), 8627--8640. Google ScholarCross Ref
- Hossein Pirayesh and Huacheng Zeng. 2022. Jamming Attacks and Anti-Jamming Strategies in Wireless Networks: A Comprehensive Survey. IEEE Communications Surveys Tutorials 24, 2 (2022), 767--809. Google ScholarCross Ref
- Fang Qi, Yingkai Zhao, Md Zakirul Alam Bhuiyan, Hai Tao, Weifeng Yan, and Zhe Tang. 2022. Artificial intelligence driven Wi-Fi CSI data mining: Focusing on the intrusion detection applications. International Journal of Communication Systems (2022), e5338.Google Scholar
- Chao Qian, Bin Zheng, Yichen Shen, Li Jing, Erping Li, Lian Shen, and Hongsheng Chen. 2020. Deep-learning-enabled self-adaptive microwave cloak without human intervention. Nature photonics 14, 6 (2020), 383--390.Google Scholar
- Yue Qiao, Ouyang Zhang, Wenjie Zhou, Kannan Srinivasan, and Anish Arora. 2016. PhyCloak: Obfuscating sensing from communication signals. In 13th {USENIX} Symposium on Networked Systems Design and Implementation ({NSDI} 16). 685--699.Google Scholar
- Sridhar Rajagopal. 2012. Beam broadening for phased antenna arrays using multi-beam subarrays. In 2012 IEEE International Conference on Communications (ICC). IEEE, 3637--3642.Google ScholarCross Ref
- Jatin Sadhwani and M Sabarimalai Manikandan. 2021. Non-collaborative human presence detection using channel state information of Wi-Fi signal and long-short term memory neural network. In 2021 13th International Conference on Electronics, Computers and Artificial Intelligence (ECAI). IEEE, 1--6.Google ScholarCross Ref
- Jayanth Shenoy, Zikun Liu, Bill Tao, Zachary Kabelac, and Deepak Vasisht. 2022. RF-protect: privacy against device-free human tracking. In Proceedings of the ACM SIGCOMM 2022 Conference. 588--600.Google ScholarDigital Library
- Anmol Sheth, Srinivasan Seshan, and David Wetherall. 2009. Geo-fencing: Confining Wi-Fi Coverage to Physical Boundaries.. In Pervasive, Vol. 5538. 274--290.Google Scholar
- Paul Staat, Simon Mulzer, Stefan Roth, Veelasha Moonsamy, Markus Heinrichs, Rainer Kronberger, Aydin Sezgin, and Christof Paar. 2022. IRShield: A countermeasure against adversarial physical-layer wireless sensing. In 2022 IEEE Symposium on Security and Privacy (SP). IEEE, 1705--1721.Google ScholarCross Ref
- Zhi Sun, Sarankumar Balakrishnan, Lu Su, Arupjyoti Bhuyan, Pu Wang, and Chunming Qiao. 2021. Who Is in Control? Practical Physical Layer Attack and Defense for mmWave-Based Sensing in Autonomous Vehicles. IEEE Transactions on Information Forensics and Security 16 (2021), 3199--3214. Google ScholarCross Ref
- Mathy Vanhoef and Frank Piessens. 2014. Advanced Wi-Fi Attacks Using Commodity Hardware. In Proceedings of the 30th Annual Computer Security Applications Conference (New Orleans, Louisiana, USA) (ACSAC '14). Association for Computing Machinery, New York, NY, USA, 256--265. Google ScholarDigital Library
- Ambuj Varshney, Luca Mottola, Mats Carlsson, and Thiemo Voigt. 2015. Directional Transmissions and Receptions for High-Throughput Bulk Forwarding in Wireless Sensor Networks. In Proceedings of the 13th ACM Conference on Embedded Networked Sensor Systems (Seoul, South Korea) (SenSys '15). Association for Computing Machinery, New York, NY, USA, 351--364. Google ScholarDigital Library
- Tong Xin, Bin Guo, Zhu Wang, Pei Wang, Jacqueline Chi Kei Lam, Victor Li, and Zhiwen Yu. 2018. FreeSense: A robust approach for indoor human detection using Wi-Fi signals. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 2, 3 (2018), 1--23.Google ScholarDigital Library
- Chen Yan, Wenyuan Xu, and Jianhao Liu. 2016. Can you trust autonomous vehicles: Contactless attacks against sensors of self-driving vehicle. Def Con 24, 8 (2016), 109.Google Scholar
- Fang Yuan, Guang-Ming Wang, He-Xiu Xu, Tong Cai, Xiao-Jun Zou, and Ze-Hao Pang. 2017. Broadband RCS reduction based on spiral-coded metasurface. IEEE Antennas and wireless propagation letters 16 (2017), 3188--3191.Google ScholarCross Ref
- Feng Zhang, Chenshu Wu, Beibei Wang, Hung-Quoc Lai, Yi Han, and KJ Ray Liu. 2019. WiDetect: Robust motion detection with a statistical electromagnetic model. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 3, 3 (2019), 1--24.Google ScholarDigital Library
- Xin Ge Zhang, Ya Lun Sun, Qian Yu, Qiang Cheng, Wei Xiang Jiang, Cheng-Wei Qiu, and Tie Jun Cui. 2021. Smart Doppler cloak operating in broad band and full polarizations. Advanced Materials 33, 17 (2021), 2007966.Google ScholarCross Ref
- Zheng Zhen, Chao Qian, Yuetian Jia, Zhixiang Fan, Ran Hao, Tong Cai, Bin Zheng, Hongsheng Chen, and Erping Li. 2021. Realizing transmitted metasurface cloak by a tandem neural network. Photonics Research 9, 5 (2021), B229--B235.Google ScholarCross Ref
- Yuxuan Zhou, Huangxun Chen, Chenyu Huang, and Qian Zhang. 2022. WiAdv: Practical and Robust Adversarial Attack against WiFi-based Gesture Recognition System. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 6, 2 (2022), 1--25.Google ScholarDigital Library
- Guozhen Zhu, Chenshu Wu, Xiaolu Zeng, Beibei Wang, and KJ Ray Liu. 2022. Who Moved My Cheese? Human and Non-human Motion Recognition with WiFi. In 2022 IEEE 19th International Conference on Mobile Ad Hoc and Smart Systems (MASS). IEEE, 476--484.Google Scholar
- Yanzi Zhu, Zhujun Xiao, Yuxin Chen, Zhijing Li, Max Liu, Ben Y Zhao, and Haitao Zheng. 2020. Et tu alexa? when commodity wifi devices turn into adversarial motion sensors. In Network and Distributed Systems Security (NDSS) Symposium.Google ScholarCross Ref
Index Terms
- RIStealth: Practical and Covert Physical-Layer Attack against WiFi-based Intrusion Detection via Reconfigurable Intelligent Surface
Recommendations
Rule generalisation in intrusion detection systems using SNORT
Intrusion Detection Systems (IDSs) provide an important layer of security for computer systems and networks. An IDS's responsibility is to detect suspicious or unacceptable system and network activity and to alert a systems administrator to this ...
Network Intrusion Detection: Automated and Manual Methods Prone to Attack and Evasion
In this article, the authors describe common intrusion detection techniques, NIDS evasion methods, and how NIDSs detect intrusions. Additionally, we introduce new evasion methods, present test results for confirming attack outcomes based on server ...
Syntax vs. semantics: competing approaches to dynamic network intrusion detection
Malicious network traffic, including widespread worm activity, is a growing threat to internet-connected networks and hosts. In this paper, we consider both syntax and semantics based approaches for dynamic network intrusion detection. The semantics-...
Comments