Tool release: gathering 802.11n traces with channel state information
22 Jan 2011-Vol. 41, Iss: 1, pp 53-53
TL;DR: The measurement setup comprises the customized versions of Intel's close-source firmware and open-source iwlwifi wireless driver, userspace tools to enable these measurements, access point functionality for controlling both ends of the link, and Matlab scripts for data analysis.
Abstract: We are pleased to announce the release of a tool that records detailed measurements of the wireless channel along with received 802.11 packet traces. It runs on a commodity 802.11n NIC, and records Channel State Information (CSI) based on the 802.11 standard. Unlike Receive Signal Strength Indicator (RSSI) values, which merely capture the total power received at the listener, the CSI contains information about the channel between sender and receiver at the level of individual data subcarriers, for each pair of transmit and receive antennas.Our toolkit uses the Intel WiFi Link 5300 wireless NIC with 3 antennas. It works on up-to-date Linux operating systems: in our testbed we use Ubuntu 10.04 LTS with the 2.6.36 kernel. The measurement setup comprises our customized versions of Intel's close-source firmware and open-source iwlwifi wireless driver, userspace tools to enable these measurements, access point functionality for controlling both ends of the link, and Matlab (or Octave) scripts for data analysis. We are releasing the binary of the modified firmware, and the source code to all the other components.
Citations
More filters
19 Aug 2017
TL;DR: The key insight of PreFi is to extract the variance features of the fine-grained time-series CSI, which is sensitively affected by customer activity, to recognize what is the customer doing.
Abstract: Customer’s product preference provides how a customer collects products or prefers one collection over another. Understanding customer’s product preference can provide retail store owner and librarian valuable insight to adjust products and service. Current solutions offer a certain convenience over common approaches such as questionnaire and interviews. However, they either require video surveillance or need wearable sensor which are usually invasive or limited to additional device. Recently, researchers have exploited physical layer information of wireless signals for robust device-free human detection, ever since Channel State Information (CSI) was reported on commodity WiFi devices. Despite of a significant amount of progress achieved, there are few works studying customer’s product preference. In this paper, we propose a customer’s product preference analysis system, PreFi, based on Commercial Off-The-Shelf (COTS) WiFi-enabled devices. The key insight of PreFi is to extract the variance features of the fine-grained time-series CSI, which is sensitively affected by customer activity, to recognize what is the customer doing. First, we conduct Principal Component Analysis (PCA) to smooth the preprocessed CSI values since general denoising method is insufficient in removing the bursty and impulse noises. Second, a sliding window-based feature extraction method and majority voting scheme are adopted to compare the distribution of activity profiles to identify different activities. We prototype our system on COTS WiFi-enabled devices and extensively evaluate it in typical indoor scenarios. The results indicate that PreFi can recognize a few representative customer activity with satisfied accuracy and robustness.
4 citations
TL;DR: In this paper , a work using a smartphone with an off-the-shelf WiFi router for human activity recognition with various scales is presented, where the smartphone is configured with customized firmware and developed software for capturing WiFi channel state information (CSI) data.
Abstract: In this article, we present a work using a smartphone with an off-the-shelf WiFi router for human activity recognition with various scales. The router serves as a hotspot for transmitting WiFi packets. The smartphone is configured with customized firmware and developed software for capturing WiFi channel state information (CSI) data. We extract the features from the CSI data associated with specific human activities, and utilize the features to classify the activities using machine learning models. To evaluate the system performance, we test 20 types of human activities with different scales including seven small motions, four medium motions, and nine big motions. We recruit 60 participants and spend 140 hours for data collection at various experimental settings, and have 36 000 data points collected in total. Furthermore, for comparison, we adopt three distinct machine learning models, including convolutional neural networks (CNNs), decision tree, and long short-term memory. The results demonstrate that our system can predict these human activities with an overall accuracy of 97.25%. Specifically, our system achieves a mean accuracy of 97.57% for recognizing small-scale motions that are particularly useful for gesture recognition. We then consider the adaptability of the machine learning algorithms in classifying the motions, where CNN achieves the best predicting accuracy. As a result, our system enables human activity recognition in a more ubiquitous and mobile fashion that can potentially enhance a wide range of applications such as gesture control, sign language recognition, etc.
4 citations
04 Jul 2016
TL;DR: This dissertation analyzes the security of popular network protocols and finds that commodity devices allow us to violate several assumptions made by the Wi-Fi, and proposes a technique to decrypt arbitrary packets sent towards a client.
Abstract: This dissertation analyzes the security of popular network protocols. First we investigate the Wi-Fi Protected Access Temporal Key Integrity Protocol (WPA-TKIP), and then we study the security of the RC4 stream cipher in both WPA-TKIP and the Transport Layer Security (TLS) protocol. We focus on these protocols because of their popularity. In particular, around November 2012, WPA-TKIP was used by two-thirds of encrypted Wi-Fi networks, and it is currently still used by more than half of all encrypted networks. Similarly, around 2013, RC4 was used in half of all TLS connections. Finally, with as goal to implement reliable proof-of-concepts for some of our attacks against WPA-TKIP, we also study physical layer security aspects of Wi-Fi. In the first part of this dissertation we focus on WPA-TKIP when used to protect unicast Wi-Fi traffic. Here we demonstrate how fragmentation of Wi-Fi frames can be used to inject an arbitrary number of packets, and we show how this attack can be applied in practice by performing a portscan on any client connected to the network. Then we propose a technique to decrypt arbitrary packets sent towards a client. Our technique first resets the internal state of the Michael algorithm, and abuses this to make victims forward packets to a server under control of the adversary, effectively decrypting the packets. We also present a novel Denial of Service (DoS) attack that requires the injection of only two frames every minute. Additionally, we discover that several network cards use flawed and insecure implementations of WPA-TKIP. In the second part of the dissertation, our goal is to attack WPA-TKIP when used to protect broadcast and multicast traffic, i.e., group traffic. This is important since, even in 2016, more than half of all encrypted Wi-Fi networks still protect group traffic using WPA-TKIP. To carry out our attack in a general setting, we must be able to reliably block certain packets from arriving at their destination, preferably using cheap commodity Wi-Fi devices. Hence we first study low-layer aspects of the Wi-Fi protocol. Surprisingly, we found that commodity devices allow us to violate several assumptions made by the Wi-Fi
4 citations
Cites methods from "Tool release: gathering 802.11n tra..."
...Custom firmware has also been used for low-layer control [19, 21, 68]....
[...]
[...]
TL;DR: The attack case study and analysis reveal the vulnerability of WiFi-based gesture recognition systems, and it is hoped WiAdv could help promote the improvement of the relevant systems.
Abstract: WiFi-based gesture recognition systems have attracted enormous interest owing to the non-intrusive of WiFi signals and the wide adoption of WiFi for communication. Despite boosted performance via integrating advanced deep neural network (DNN) classifiers, there lacks sufficient investigation on their security vulnerabilities, which are rooted in the open nature of the wireless medium and the inherent defects (e.g., adversarial attacks) of classifiers. To fill this gap, we aim to study adversarial attacks to DNN-powered WiFi-based gesture recognition to encourage proper countermeasures. We design WiAdv to construct physically realizable adversarial examples to fool these systems. WiAdv features a signal synthesis scheme to craft adversarial signals with desired motion features based on the fundamental principle of WiFi-based gesture recognition, and a black-box attack scheme to handle the inconsistency between the perturbation space and the input space of the classifier caused by the in-between non-differentiable processing modules. We realize and evaluate our attack strategies against a representative state-of-the-art system, Widar3.0 in realistic settings. The experimental results show that the adversarial wireless signals generated by WiAdv achieve over 70% attack success rate on average, and remain robust and effective across different physical settings. Our attack case study and analysis reveal the vulnerability of WiFi-based gesture recognition systems, and we hope WiAdv could help promote the improvement of the relevant systems.
4 citations
TL;DR: In this article , the authors proposed a robust gesture recognition system (WiHGR) based on a modified attention-based bi-directional gate recurrent unit (ABGRU) network to learn and extract discriminative features automatically from the phase difference matrix.
Abstract: Gesture recognition is an essential part in the field of human–computer interaction (HCI) and Internet of Things system. Compared with the existing technologies based on wearable sensors and dedicated devices, approaches using WiFi channel state information (CSI) signals are more desirable for passive and fine-grained gesture recognition. However, the existing CSI-based gesture recognition systems usually suffer from high model complexity and low accuracy caused by environmental dynamics. To address these issues, we propose a robust gesture recognition system (WiHGR) in this article. The WiHGR starts with a sparse recovery method to find the dominant paths from the multipath effect introduced by the orthogonal frequency division multiplexing (OFDM) technology, i.e., the main propagation paths disturbed by a human gesture. Then, the phase difference matrix is constructed according to the phase differences between two adjacent receiving antennas from the dominant paths. We propose a modified attention-based bi-directional gate recurrent unit (ABGRU) network to learn and extract discriminative features automatically from the phase difference matrix. The proposed attention mechanism assigns higher weights to the more important features, thus achieving a better recognition performance. The experimental results show that the WiHGR not only has a high accuracy for gesture recognition in the training environment, but also has a remarkable performance in new environment settings without retraining.
4 citations
References
More filters
30 Aug 2010
TL;DR: It is shown that, for the first time, wireless packet delivery can be accurately predicted for commodity 802.11 NICs from only the channel measurements that they provide, and the rate prediction is as good as the best rate adaptation algorithms for 802.
Abstract: RSSI is known to be a fickle indicator of whether a wireless link will work, for many reasons. This greatly complicates operation because it requires testing and adaptation to find the best rate, transmit power or other parameter that is tuned to boost performance. We show that, for the first time, wireless packet delivery can be accurately predicted for commodity 802.11 NICs from only the channel measurements that they provide. Our model uses 802.11n Channel State Information measurements as input to an OFDM receiver model we develop by using the concept of effective SNR. It is simple, easy to deploy, broadly useful, and accurate. It makes packet delivery predictions for 802.11a/g SISO rates and 802.11n MIMO rates, plus choices of transmit power and antennas. We report testbed experiments that show narrow transition regions (
697 citations
"Tool release: gathering 802.11n tra..." refers methods in this paper
...It works on up-to-date Linux operating systems: in our testbed we use Ubuntu 10.04 LTS with the 2.6.36 kernel....
[...]
01 Oct 2001
TL;DR: The Internet is going mobile and wireless, perhaps quite soon, with a number of diverse technologies leading the charge, including, 3G cellular networks based on CDMA technology, a wide variety of what is deemed 2.5G cellular technologies (e.g., EDGE, GPRS and HDR), and IEEE 802.11 wireless local area networks (WLANs).
Abstract: At some point in the future, how far out we do not exactly know, wireless access to the Internet will outstrip all other forms of access bringing the freedom of mobility to the way we access the we...
615 citations
07 Jan 2010
TL;DR: This tutorial provides a brief introduction to multiple antenna techniques, and describes the two main classes of those techniques, spatial diversity and spatial multiplexing.
Abstract: The use of multiple antennas and MIMO techniques based on them is the key feature of 802.11n equipment that sets it apart from earlier 802.11a/g equipment. It is responsible for superior performance, reliability and range. In this tutorial, we provide a brief introduction to multiple antenna techniques. We describe the two main classes of those techniques, spatial diversity and spatial multiplexing. To ground our discussion, we explain how they work in 802.11n NICs in practice.
89 citations