Find Me A Safe Zone:A Countermeasure for Channel State Information Based Attacks

Recently, channel state information (CSI) is shown to be an effective side-channel to perform attacks in public environments. Prior work has demonstrated that by analyzing how the CSI measurements of the wireless signal are affected by the mobile user's finger movements or gestures, an attacker can recover the user's input with a high success rate. Furthermore, the setup of this new attack is trivial, where the adversary only needs to place one or two malicious wireless devices near the target user. It would be difficult for many users to identify the nearby malicious devices while they want to continue to use mobile applications in public places. This dilemma makes protection of CSI-based attacks an urgent need. This article presents the first countermeasure for CSI-based attacks. Our key insight is that the success of any CSI-based attack requires high-quality CSI measurements; and we can significantly reduce the risk of information leakage by directing the user to a nearby location where the CSI readings are inherently noisy. To this end, we develop a regression based method to assess the risk of CSI-based attacks and exploit a well-established localization technique to identify potential malicious wireless devices. We then use this information to guide the user to a safe zone. We evaluate our approach by applying it to protect pattern lock and keystrokes in various indoor and outdoor environments. Experimental results show that our approach can effectively protect mobile users against CSI-based attacks.