Go to DBLP homepageEvasion Attacks and Countermeasures in Deep Learning-Based Wi-Fi Gesture Recognition
Abstract: Deep learning-based Wi-Fi sensing has received massive interest thanks to the prevalence of Wi-Fi technology. While deep learning techniques provide promising results in Wi-Fi sensing, there are only very few studies on the vulnerabilities against Wi-Fi ensing. In this paper, we studied evasion attacks against deep learning-based Wi-Fi sensing and the countermeasure and conducted an extensive experimental evaluation using two publicly available datasets, namely SignFi and Widar. Accordingly, we proposed three white-box and two black-box attacks and revealed that even with an undetectable power change, evasion attacks can achieve a remarkable attack success rate (ASR) of 97.0% and 95.6% in white-box and black-box settings, respectively. These results highlight the urgent need for countermeasures against evasion attacks in Wi-Fi sensing systems. We introduced adversarial training and randomised smoothing, which notably improved the robustness of the Wi-Fi sensing model. The ASRs for white-box and black-box attacks were reduced to a minimum of around 6% and 2%, respectively. Moreover, randomised smoothing also introduced certifiable robustness, achieving 70.1% of samples certified for our model. The certification method provides an additional layer of reliability, ensuring that the model’s performance remains consistent and predictable even under adversarial conditions.
External IDs:dblp:journals/tmc/YinZYW25
Loading