CSI-REFLECTOR extends CSI-MURDER in yet another dimension: active randomization against active attacks. For a detailed description of the contribution, please refer to

Marco Cominelli, Francesco Gringoli, and Renato Lo Cigno. “Non Intrusive Wi-Fi CSI Obfuscation Against Active Localization Attacks”. Submitted for publication.

Attackers are using their own transmitters and receivers for analysing people’s activity. In this situation, preserving people’s privacy is more difficult as it requires to intercept attackers’ frames and trasmit interference signals in real-time, so that attackers keep observing randomized CSI. While a full-duplex transceiver is required for a real implementation, we showcase a simple demo with the help of two SDR devices: one emulates the attacker’s transmitter outside the place (TX at the bottom in the picture), the other emulates the reflector and is locate inside the place in one of the three red positions (A, B or C in the picture).

Our demo takes into account the physical propagation delay between the attacking transmitter and the reflector. We also build the reflector so that it introduces an additional random delay that change over time to emulate the presence of a moving object inside the place. The five RXn devices are the attackers’ receivers, where we collect the CSI data.

The dataset that we collected demonstrates that the CSI actually changes over time in a manner so that any trained approach for tracking a human located at the nine positions in the grid (Px) has very high change to fail.

Press the play button on the images to see a preview of the CSI that is collected at receiver RX2 with the reflector is off (left video) or it is on in position B (right video).