There are a vast amount of security features implemented into technology today, making life harder for people with malicious intent to gain access to valuable information. Whilst we use two-factor authentication, 256-bit cryptography and other means to secure digital value – we still see that there are ways to bypass without using brute force on these hard modern security standards. In this report I aim to highlight this new wireless attack, how it works and what we can to to prevent it.
A group of researchers recently found that you could use Wifi-signals to determine hand gestures that reveals pin- and pass codes on your smartphone (Chirgwin, 2016). Although this might seem like futuristic sci-fi, it has been tested and the documentation for this is solid. So how can this be done?
Key information to this starts with defining what type of hardware is needed to perform such an attack. Since more primitive Wi-Fi setups will not work, the article says that the research group found the solution using a method that “..relies on the sophisticated beam-forming implemented in Multiple-Input, Multiple-Output (MIMO) antenna configurations” (Chirgwin, 2016). In modern setups there is a way to manage small changes in the signal – and that the link state changes when the user moves its hand (CSI data). The technique can in a sense be connected to previous research that allows you to count the number of people in a room just by using two Wi-Fi cards set up to talk to each other (Wenz, 2015). And like the article concludes, using radio signals to determine physical movement or space – is not an exact science. So it leaves the question – how accurate is this method?
Taking a closer look at the report that the group of researchers published, they collected training and test data from 10 volunteers. Each of the volunteers generated 10 loop samples, where one were to be cross-validated against the testing data and the other 9 as training data. This method revealed that “..WindTalker achieves average accuracy classification of 81.8% in Xiaomi, 73.2% in Nexus and 64% in Samsung.” (Li, 2016).
Although this seems pretty accurate, it does not guarantee you a correct result. But still, it is good enough to have you worried about your security being compromised. So how can this be avoided?
The most obvious way to avoid this kind of attack is by randomising the keys on the users keyboard. If the keys are different every time, there is no way the attacker can know which key is being pressed. The researchers make a point of this not being very user-friendly, and suggests another practical defence strategy which includes not connecting to free WiFi, changing your pressing patterns or sending out “noisy” CSI data to interfere. “Therefore, detecting and preventing a high-frequency ICMP ping represent a practical and ease of use countermeasure.” (Li, 2016).
My reflection regarding the report the researchers published, is that there might perhaps be a way to enhance the results by “fine-tuning” the attack. Perhaps if one custom builtan antenna to be more finely tuned in collecting the CSI data, the testing scores would be better. I also conclude that although randomised keyboards are a non-user friendly way to engage the problem – I feel the researchers have overlooked the possibility that this method can still be used in a user friendly way. Simply by allowing the user to change to a fixed alternative layout of his/hers choosing. This way, the user will have a recognisable keypad – which is not the same for every user. This method would of coursebe tested to see if the “human aspect” does not get in the way. But in some manner, I find this technological way far better than asking users to “avoid free wifi and send false CSI data”. Overall, the solution seems to be to detect and prevent high-frequency ICMP pings.
Chirgwin, R. (2016) Your body reveals your password by interfering with Wi-Fi
Available at: http://www.theregister.co.uk/2016/11/13/researchers_point_finger_at_handy_smartphone_exploit/
Accessed: 22 March 2017
Wenz, J. (2015) How Wi-Fi Can Count the People in a Room Without Tracking Their Phones
Available at: http://www.popularmechanics.com/technology/a15941/wi-fi-count-people-in-a-room
Accessed: 22 March 2017
Li, M., Meng, Y., Liu, J., Zhu, H., Liang, X. (2016) When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals