Abstract:WiFi connection has been suffering from MAC forgery attacks due to the loose authentication mechanism between access points (APs) and clients. To address this problem, the physical (PHY) layer information-based fingerprint has been adopted for safe WiFi authentication. Since such a fingerprint is constant and unique for each specific network interface card (NIC), it can effectively prevent MAC forgery attacks. However, the PHY layer information-based fingerprint is still vulnerable to malicious attacks as it is extracted from Channel State Information (CSI), and its stability can be affected by the wireless environment. In this paper, we propose a novel undetectable attack framework, called PhyFinAtt, base on which the attacker can undermine the stability of the PHY layer-based authentication fingerprints through human movement and further attack the WiFi authentication protocols. Specifically, we first demonstrate that human movement at a designated location can affect the PHY fingerprint. We then illustrate the impact of human movement on the PHY fingerprint and the relationship between the movement and the channel quality to ensure that the PHY fingerprint is destroyed by the movement in an undetected way without affecting normal communication. Extensive experiments in real-world scenarios show that our proposed attack can effectively disrupt the stability of the PHY fingerprints and significantly degrade the performance of the authentication protocols based on such fingerprints. To the best of our knowledge, this is the first study on effective attacks against the PHY information-based WiFi authentication protocols. Furthermore, we also present a practical defense mechanism without involving any additional equipment to mitigate attacks similar to PhyFinAtt.

PhyFinAtt: an Undetectable Attack Framework Against PHY Layer Fingerprint-based WiFi Authentication

Detecting Rogue Access Points Using Client-agnostic Wireless Fingerprints.

Accurate and Robust Rogue Access Point Detection with Client-Agnostic Wireless Fingerprinting

Device Authentication for 5G Terminals Via Radio Frequency Fingerprints

Push the Limit of WiFi-based User Authentication Towards Undefined Gestures

Towards Safer Connections: Secure Authentication in 5G Networks Leveraging Radio Frequency Fingerprinting

Rejecting the attack: Source authentication for Wi-Fi management frames using CSI Information

Practical Adversarial Attack on WiFi Sensing Through Unnoticeable Communication Packet Perturbation

Towards PHY-Aided Authentication Via Weighted Fractional Fourier Transform.

Hidden Backdoor Attack: A New Threat to Learning-Aided Physical Layer Authentication

Machine Learning-Based PHY-Authentication Without Prior Attacker Information for Wireless Multiple Access Channels

PHYAlert: Identity Spoofing Attack Detection and Prevention for a Wireless Edge Network

Stay Connected, Leave no Trace: Enhancing Security and Privacy in WiFi via Obfuscating Radiometric Fingerprints

Accurate and Efficient Wireless Device Fingerprinting Using Channel State Information

Real-time Identification of Rogue WiFi Connections Using Environment-Independent Physical Features

Authenticating On-Body IoT Devices: An Adversarial Learning Approach

A Signature-Based Wireless Intrusion Detection System Framework for Multi-Channel Man-in-the-Middle Attacks Against Protected Wi-Fi Networks

Physical-Layer Channel Authentication for 5G Via Machine Learning Algorithm.

Authenticating Users Through Fine-Grained Channel Information

A Secure and Private Authentication Based on Radio Frequency Fingerprinting

Chaotic Radio Frequency Fingerprint Masking Against Identity Attacks