Et Tu Alexa? When Commodity WiFi Devices Turn into Adversarial Motion Sensors
This work addresses privacy vulnerabilities for users in homes and offices by revealing a new type of silent reconnaissance attack using existing WiFi infrastructure.
The paper demonstrates that commodity WiFi devices can be used to track human movements inside buildings by sniffing WiFi signals without network compromise, achieving high effectiveness in real-world deployments across 11 offices and apartments.
Our work demonstrates a new set of silent reconnaissance attacks, which leverages the presence of commodity WiFi devices to track users inside private homes and offices, without compromising any WiFi network, data packets, or devices. We show that just by sniffing existing WiFi signals, an adversary can accurately detect and track movements of users inside a building. This is made possible by our new signal model that links together human motion near WiFi transmitters and variance of multipath signal propagation seen by the attacker sniffer outside of the property. The resulting attacks are cheap, highly effective, and yet difficult to detect. We implement the attack using a single commodity smartphone, deploy it in 11 real-world offices and residential apartments, and show it is highly effective. Finally, we evaluate potential defenses, and propose a practical and effective defense based on AP signal obfuscation.