CN107395646B - User behavior privacy protection method for CSI time-frequency domain information attack - Google Patents
User behavior privacy protection method for CSI time-frequency domain information attack Download PDFInfo
- Publication number
- CN107395646B CN107395646B CN201710791353.1A CN201710791353A CN107395646B CN 107395646 B CN107395646 B CN 107395646B CN 201710791353 A CN201710791353 A CN 201710791353A CN 107395646 B CN107395646 B CN 107395646B
- Authority
- CN
- China
- Prior art keywords
- user
- malicious
- value
- csi
- coordinates
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 41
- 230000006399 behavior Effects 0.000 claims description 11
- 238000004364 calculation method Methods 0.000 claims description 7
- 125000004432 carbon atom Chemical group C* 0.000 claims description 3
- 230000001133 acceleration Effects 0.000 description 17
- 238000010586 diagram Methods 0.000 description 8
- 230000005021 gait Effects 0.000 description 6
- 239000002131 composite material Substances 0.000 description 3
- 238000002474 experimental method Methods 0.000 description 3
- 238000001514 detection method Methods 0.000 description 2
- 206010000117 Abnormal behaviour Diseases 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 238000012417 linear regression Methods 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
- 230000002194 synthesizing effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/52—Network services specially adapted for the location of the user terminal
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Theoretical Computer Science (AREA)
- Medical Informatics (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Databases & Information Systems (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephone Function (AREA)
Abstract
The invention discloses a user behavior privacy protection method aiming at CSI time-frequency domain information attack, which comprises the steps of firstly detecting an SNR value of user behavior privacy through a mobile phone to judge whether a current area is safe or not, if not, specifically calculating the position of malicious equipment according to a signal attenuation model and correcting the position of the malicious equipment in real time by taking data in a user walking process as known data; and finally, determining the walking direction of the user according to the distribution position of the malicious equipment, and finally enabling the user to reach a safe area. The practical test proves that the steps, the step length and the direction estimated by the method are accurate, the positioning result of the method can reach the same precision compared with the positioning method using the signal attenuation model of the same type, and the method can effectively protect the privacy information of the user by guiding the user in real time, and the user can not influence the internet experience of the user in a safe area.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a user behavior privacy protection method aiming at CSI time-frequency domain information attack.
Background
WiFi is now an important component of the Internet of things, and in recent years, WiFi is used for indoor positioning, target tracking, gesture recognition, key detection, lip language recognition and the like. However, WiFi may also reveal the privacy of the user.
The method is used for unlocking graphs and digital passwords in most of mobile phones at present, and the security field finds that the unlocking is not safe, channel state information is very easy to obtain through a pair of transceivers, and the passwords input by a user are cracked under the condition that the user is not aware of, so that great threats are caused to the privacy of the user, and particularly when a payment treasure or WeChat payment is used, serious economic and property losses are caused if the passwords are cracked and identified. For example, the WiPass system can recognize the gesture of the user through WiFi signals to break the password input by the user without controlling the mobile phone of the user, even in the scene without light. The WiHear system enables the disabled to interact with the equipment only through language instructions, and enables the equipment to do things the disabled wants to do, so that the life of the disabled is greatly facilitated. Because the wigear system can be implemented by using the current wireless signal transmitter, when the wigear system is used in some private places, for example, there is a wireless router in a company meeting, the content of the company meeting is likely to be acquired by an attacker, and the attacker may acquire the business secrets of the company, and if the business secrets are leaked, the company may be subjected to immeasurable economic loss. The WiKey system realizes fine-grained key detection, and if an attacker installs a wireless signal transmitting terminal in a high-level leader office of a company, information input by a leader on a computer is likely to be acquired by the attacker.
At present, acceleration sensors and direction sensors are built in almost all mobile phones, and developers can conveniently develop software to acquire sensor data and store the sensor data in real time based on the characteristic of Android open sources. The motion information of the target can be measured by using motion sensors such as an accelerometer, a magnetometer and a gyroscope in the smart phone, the course and the distance of the target can be calculated according to the information, and the position of the target can be calculated by combining the initial position of the target.
Disclosure of Invention
Aiming at the problems in the prior art, the invention aims to provide a user behavior privacy protection method aiming at CSI time-frequency domain information attack, which guides a user to reach a safe area and then inputs privacy information through a mobile phone so as to avoid stealing the privacy information.
In order to realize the task, the invention adopts the following technical scheme:
a user behavior privacy protection method aiming at CSI time-frequency domain information attack comprises the following steps:
step one, judging whether the current position is a safe area or not
After the user walks into a public place and reaches a certain position, calculating the SNR value of the current position by the following formula:
in the above formula, csimIs the average value CSI of the CSI collected by the mobile phone when the user slides the screen rightwards on the screen by a fingercThe average value of CSI collected by the mobile phone in a period of time before the user slides the screen is shown as CSImThe noise value contained in (1);
judging whether the SNR value calculated by the formula is larger than a set threshold value, if so, judging that the current position is not a safe area, and executing the next step; otherwise, the user can input the privacy information at the current position through the mobile phone;
secondly, positioning the malicious equipment
Recording the position of a user just entering a public place as an initial position, and calculating the step number, the step length and the position coordinate of each step of the user through information acquired by a built-in sensor of the mobile phone in the time when the user walks from the initial position to the position;
calculating the proportion of the malicious equipment to the step position according to the RSSI value acquired by the user at the step positionThe calculation formula is as follows:
in the above formula, the first and second carbon atoms are,rssifor the RSSI value obtained by the user at the ith step location,the distance from the malicious equipment to the ith step position is shown, n is a path loss parameter, and the value is 2-9;
recording the position of each step of the user as a known reference point, and calculating a series of position coordinates of the malicious equipment at the position of the ith step according to the coordinates of the known reference point; then, according to the known reference point and the position coordinates of the malicious equipment, the proportion d of the malicious equipment to the ith step position is recalculated1/di;
According toAnd d1/diDetermining actual location coordinates of the malicious device from the series of location coordinates;
step three, the safe area guides in real time
Calculating an angle theta between the current position of the user and the malicious equipment;
determining the angular range of the walking direction of the user, namely: [ theta +90 DEG, theta +270 DEG ]
And guiding the user to walk towards the angle range, so that the safety area can be reached.
Further, when a plurality of malicious devices exist, the angle of the current position of each malicious device and the user is respectively calculated, then the intersection of the angle ranges corresponding to each malicious device is calculated, and then the user is guided to walk towards the intersection angle range.
Furthermore, the coordinate system corresponding to the position coordinates in the second step is a coordinate system in which the initial position of the user is the origin, the east direction is the positive direction of the X axis, the north direction is the positive direction of the Y axis, and the direction perpendicular to the XY plane and away from the ground is the Z axis.
Further, in the second step, according to the coordinates of the known reference point, a formula for calculating a series of position coordinates of the malicious device at the ith step position is as follows:
a θ ═ B formula 3
Wherein:
in the above equation, (X, Y, Z) is the position coordinates of the malicious device,(xi,yi,zi) The position coordinate of the user in the ith step is represented by i ∈ (2, m); n is a path loss parameter, and the value of n is 2-9;
when n in equation 3 takes different values, a series of location coordinates (X) of the malicious device can be calculatedn,Yn,Zn)。
Further, in the second step, the proportion d of the malicious device to the ith step position is recalculated1/diThe formula of (1) is:
further, the method for determining the actual position coordinates of the malicious device includes:
at the ith step position, when n takes different values, equations 2 and 4 respectively calculate different values, and then the optimum n value n is determined according to the following equationopt:
The coordinate position of the malicious device corresponding to the optimal n value is the actual position of the malicious device.
The invention has the following technical characteristics:
the practical test proves that the steps, the step length and the direction estimated by the method are accurate, the positioning result of the method can reach the same precision compared with the positioning method using the signal attenuation model of the same type, and the method can effectively protect the privacy information of the user by guiding the user in real time, and the user can not influence the internet experience of the user in a safe area.
Drawings
Fig. 1 is several situations where a user uses a mobile phone to present a privacy disclosure risk when a malicious device exists in an environment, where (a) is a schematic diagram of an in-band signal attack, (b) is a schematic diagram of an out-of-band signal attack, (c) is a schematic diagram of an outdoor scene malicious device attack, and (d) is a schematic diagram of a multi-malicious device attack;
FIG. 2 is a graph of SNR values versus attack success rate;
FIG. 3 is a graph of composite acceleration over time;
FIG. 4 is a schematic diagram of a user walking to different locations when determining the location of a malicious device;
FIG. 5 is a schematic diagram of actual positions of malicious devices calculated by a user at different positions;
FIG. 6 is a diagram illustrating a walking range of a user guided by a plurality of malicious devices;
FIG. 7 is a schematic diagram of secure area boot;
FIG. 8 is a graph of SNR values of gait during walking of a user versus SNR values of privacy information input by the user;
Detailed Description
As shown in fig. 1, after a user arrives at a certain area, if a transmitting end and a receiving end of WIFI exists in the area, when the position of the user is closer to a device deployed by an attacker, the attacker can acquire a CSI value when the user inputs privacy information by using the receiving end of the user, and then the attacker can easily crack the privacy information of the user by combining with an attack knowledge base of the attacker, such as an unlock password, a pay-for-treasure password, and a WeChat payment password, and at this time, the user has a risk of privacy disclosure. The invention provides a privacy behavior protection method capable of detecting whether a current area is safe or not and guiding a user to reach a safe area if the current area is not safe, which specifically comprises the following steps:
a user behavior privacy protection method aiming at CSI time-frequency domain information attack comprises the following steps:
step one, judging whether the current position is a safe area or not
Installing csi tool acquisition software in a mobile phone of a user, wherein the software acquires a csi value once every fixed time, such as 1 s; when the user walks into a public place and reaches a certain position, the SNR value of the current position is calculated by the following formula:
in the above formula, csimIs the average value CSI of the CSI collected by the mobile phone when the user slides the screen rightwards on the screen by a fingercThe average value of CSI collected by the mobile phone in a period of time before the user slides the screen is shown as CSImThe noise value contained in (a). Judging whether the SNR value calculated by the formula is larger than a set threshold value, if so, judging that the current position is not a safe area, and executing the next step; otherwise, the user can input the privacy information at the current position through the mobile phone.
The step judges whether the current position is safe or not according to the SNR value, and the judgment principle is as follows: the inventor team finds that a linear regression relationship exists between the SNR value and the success rate, and the SNR value can be used for evaluating the success rate of an attacker. The time for the user to input the private information is generally several seconds, and the number of csis received per second is generally 100 to 2000 (depending on the sampling rate), and the value of csi used in the above calculation is the average value of the received csis.
According to experimental experience, the relation between the SNR value and the attack success rate r is shown as the following formula:
r=(p1×SNR+p2)/((SNR)3+q1×(SNR)2+q2×SNR+q3)
in the above formula, p1,p2,q1,q2,q3The SNR value is a constant parameter, and is the SNR value obtained by equation 1. The inventor obtains the SNR value and the attack success rate by performing experiments on 15 pattern ciphers at different distances, and then fits the SNR value and the attack success rate through the formula to establish a relation, wherein the fitted curve is shown in FIG. 2. Through the SNR value and the attack success rate obtained by experiments, the value p of the constant parameter can be obtained1=1081,p2=543.9,q1=-1033,q2=4657,q3=2582。
In order to judge whether the current position is safe, the method adopts a simulation input mode, namely, a user slides the screen from left to right by using fingers, and the action is used for simulating the user to input information on the mobile phone screen. In this process, the csi mentioned above can be collectedm. Before a user inputs private information, the user generally has time in seconds to do what operation and does not do, and csi in the methodcThe CSI values for this time are collected. From the amplitude curve of the CSI value, it can be seen which segment is the rest time and which segment is the privacy information input time, the amplitude of the CSI at the rest time is stable and remains on a horizontal line, and the amplitude of the CSI at the privacy information input time fluctuates. The rest time can be determined by the amplitude stability of the CSI before or after the user inputs the private information, and generally 1s to 3s is enough. When calculating in formula 1, a period of time before sliding the screen can be 1 s-3 s, and the average value of the CSI acquired during the period of time is used as CSIc. The SNR value can be calculated by the formula 1, then the probability of the attack success possibility of the user at the position is calculated according to the relation between the SNR value and the success rate, and when the probability of the attack success is larger than a threshold value, the current region is indicatedIf the domain is unsafe and the privacy leakage risk exists, the user is guided to reach the safe region by the following method and then the privacy information is input; if the privacy information is smaller than the threshold value, the risk that the privacy of the current area is leaked is low, and the user can input the privacy information at the current position through a mobile phone. According to practical experimental experience, the threshold value in the scheme can be set to-2.
Secondly, positioning the malicious equipment
The principle adopted in the second step is as follows:
because the RSSI value has a relation with the propagation distance and can be directly obtained by a mobile phone, in the invention, a signal propagation model is utilized to position a malicious position. The signal propagation model formula is as follows:
d=10(|RSSI|-A)/(10*n)
wherein: d is the calculated distance, RSSI is the received signal strength, A is the signal strength when the transmitting end (malicious equipment) and the receiving end (user's mobile phone) are separated by 1m, n is the environmental attenuation factor, and the value range of n is 2-9. However, when entering a public place, since the sender is an attacker, the above a and n are unknown. We need to obtain a and n in advance, so we can use the walking information of the user after entering the public place to obtain the unknown parameters, and then perform positioning.
Recording the position of a user just entering a public place as an initial position, and calculating the step number, the step length and the position coordinate of each step of the user through information acquired by a built-in sensor (an accelerometer, a magnetometer, a gyroscope and the like) of the mobile phone in the period of time when the user walks from the initial position to the position; the method comprises the following specific steps:
in the scheme, an XYZ coordinate system can be established by taking the position of the user just before entering the public place as an initial position (original point), wherein the east direction is the positive direction of an X axis, the north direction is the positive direction of a Y axis, and the direction perpendicular to an XY plane and far away from the ground is a Z axis.
(1) Step number estimation
In order to estimate the distance traveled by the user, the number of steps traveled by the user needs to be estimated first, and when the difference between the estimated number of steps and the actual number of steps traveled is large, the estimated distance traveled for the short distance in the experiment will generate a large error, so that the number of steps traveled by the user needs to be estimated accurately.
When a user holds the mobile phone by hand to walk, the acceleration sensor can be acted to a certain extent due to the fact that the steps fluctuate up and down. If the acceleration sensor data in a single direction is selected, it is too unilateral, because the fluctuation of the body of the user is in multiple directions during the walking process, the acceleration sensor data in multiple directions needs to be considered, so the step number estimation is carried out by using the synthesized acceleration, and the specific calculation formula of the synthesized acceleration is as follows:
in the above formula, X, Y, Z are data of acceleration sensors in three directions of X, Y, and Z, respectively; after the composite acceleration is calculated, the peak value of the composite acceleration (which can be implemented by findpeaks) is found, and the number of the found peak value is the number of steps, as shown in fig. 3.
By comparing the accuracy of the acceleration sensor data with the accuracy of the step number estimation of the synthesized acceleration data, it is derived that the step number walked by the user can be estimated more easily using the synthesized acceleration, and thus the step number is estimated using the synthesized acceleration. In order to improve the accuracy of step number estimation and reduce the large error of step number estimation caused by artificial factors such as abnormal behaviors of rapidly shaking a mobile phone and the like, a reasonable peak value range needs to be set according to the actual situation when the step number is estimated by using the synthetic acceleration, and similarly, the walking frequency of a person during walking cannot be very high, so that the minimum distance between two wave peaks needs to be set, the accuracy of step number estimation is improved through the limitation of the two aspects, and the step number estimation error is reduced.
(2) Step size estimation
After the number of steps of the user walking can be obtained through the step (1), the step length of each step of the user also needs to be calculated, and the distance of the user walking can be obtained by combining with step number estimation. The present invention estimates the step size using the following formula:
in the above formula: y isiStep i, taking the step length, and taking k as a coefficient, wherein the value is between 0 and 1; maxiFor the maximum value of the resultant acceleration of step i, miniAnd synthesizing the minimum value of the acceleration in the step i.
The total distance of the user in the whole walking path is the sum of the step length of each step, so that the walking distance of the user can be obtained, and the position coordinate of the user relative to the starting point can be positioned only by obtaining the walking direction of the user.
(3) Position coordinates of each step
The present invention uses the following formula to determine the position coordinates of each step of the user:
wherein E isiEast (X-axis) coordinates of step i, Ei-1Is the east (X-axis) coordinate of step i-1,is the included angle between the current direction of the step i and the Y axis, LiIs the step size of step i, NiIs the north (Y-axis) coordinate of step i, Ni-1Is the north (Y-axis) coordinate of step i-1, i.e., the position coordinate of each step calculated here is relative to the XYZ coordinate system described above.
The coordinate positions of the user in the walking process are shown in FIG. 4, the user is shown to walk 5 steps, and turns a curve in the fourth step, and we can regard the initial point of the user starting to walk as (x)10,0) can be calculated from the number of steps, the step size and the obtained data of the gyroscope, as shown in the figure. x is the number of1Representing the first location point where the user walks.
The method and the device utilize data in the walking process of the user as known data, specifically calculate the position of the malicious equipment according to the signal attenuation model and correct the position of the malicious equipment in real time.
Calculating the proportion of the malicious equipment to the step position according to the RSSI value acquired by the user at the step positionThe calculation formula is as follows:
in the above formula, the first and second carbon atoms are,rssifor the RSSI value obtained by the user at the ith step location,the distance from the malicious equipment to the ith step position is shown, n is a path loss parameter, and the value is 2-9;
recording the position of each step of the user as a known reference point, and calculating a series of position coordinates of the malicious equipment at the position of the ith step according to the coordinates of the known reference point, specifically:
a θ ═ B formula 3
Wherein:
in the above equation, (X, Y, Z) is the position coordinates of the malicious device,(xi,yi,zi) The position coordinate of the user in the ith step is represented by i ∈ (2, m); n is a path loss parameter, and the value of n is 2-9; in an unknown public place, only n is unknown, other parameters can be obtained by a mobile phone sensor, however, n ranges from 2 to 9, and when one is takenBy taking n as an example, 3.25, the location coordinates of the malicious device can be calculated.
When n in equation 3 takes different values, a series of location coordinates (X) of the malicious device can be calculatedn,Yn,Zn) The most accurate one of these location coordinates needs to be selected as the actual location of the malicious device determined by the user at the ith location.
Next, the ratio d of the malicious device to the ith step position needs to be re-determined1/di:
The parameters in formula 4 have the same meanings as above.
At the ith step position, when n takes different values, equations 2 and 4 respectively calculate different values, and then the optimum n value n is determined according to the following equationopt:
The coordinate position of the malicious device corresponding to the optimal n value in the position coordinates of the series of malicious devices is the actual position (X) of the malicious device0,Y0,Z0). In the scheme, a grid strategy can be adopted for the value of n, and the coordinate position of the corresponding malicious equipment is calculated by adding 0.05 from 2-9 times, so that the most accurate position is selected.
Because the RSSI measurement value has an error, the RSSI value measured at a certain step may have a large error, and if the data of the step is used as a reference point for calculation, the calculated position of the malicious device is inaccurate.
Through experience, it can be known that when the number of the reference nodes is known to be 4, the positioning error can meet the requirement, and therefore, in the present invention, according to the method in the second step, the continuous 4-step positions are calculated as the actual positions of the malicious devices corresponding to the reference nodes, and then the positions are averaged, so that the positions of the malicious devices can be more accurate, as shown in fig. 5. For example, when the user walks 8 steps, the position of the step 1, 2,3, or 4 may be used as a reference node to obtain a position of the malicious device, or the position of the step 2,3,4, or 5 may be used as a reference node to obtain a position of the malicious device, and then an average value is calculated for the obtained positions to obtain a final position coordinate of the malicious device.
Step three, the safe area guides in real time
Calculating an angle theta between the current position of the user and the malicious device in an XYZ coordinate system, wherein the calculation formula is as follows:
in the above formula, (X)0,Y0) Location coordinates for a malicious device, (x)i,yi) The current position coordinates of the user (ignoring the angle in the Z-axis direction).
Determining the angular range of the walking direction of the user, namely: [ theta +90 DEG, theta +270 DEG ].
And guiding the user to walk towards the angle range, so that the safety area can be reached. When a plurality of malicious devices exist, the angles of the current positions of each malicious device and the user are respectively calculated, then the intersection of the angle ranges corresponding to each malicious device is calculated, and then the user is guided to walk towards the intersection angle ranges. For example, if the angle between the user and the malicious device 1 is 30 degrees, the direction in which the user should walk is [120 degrees, 300 degrees ], and the angle between the user and the malicious device 2 is 120 degrees, the direction in which the user should walk is [240 degrees, 360 degrees ] & [0 degrees, 30 degrees ], the intersection of the two sets is obtained, the intersection is [240 degrees, 300 degrees ], and the direction angle prompted to the user is [240 degrees, 300 degrees ], as shown in fig. 6. And if the user does not walk according to the specified route, the steps are carried out again, and real-time guidance is carried out.
Collecting CSI values generated by gait of a user in a walking process, then calculating SNR values of the gait, inferring the SNR value of privacy information (namely the action of sliding a screen to the right) according to the SNR values of the gait, then judging whether the current position is a safe region or not according to the inferred SNR value of the privacy information, if the current position is the safe region, prompting the user without walking, and if the current position is an unsafe region, continuing guiding the user.
The principle of this step is as follows:
after estimating the location coordinates of the malicious device, the system may give the user a safe direction guide based on the relative location of the user and the malicious device. As shown in fig. 6, when the user is at the point P, if there is only one rogue AP1 (rogue device) in the space, the user may walk directly in the opposite direction, and if there are multiple rogue APs, the relative positions of the user and the multiple rogue APs need to be considered, as shown in the figure, the user may walk in the directions of T1, T2, T5, and T6.
After the system gives the user safe directions, the user can walk according to the directions given by the method, but sometimes the directions given by the system are not the directions that the user really wants to go, so that the system is required to give real-time guidance to the user by combining the sensor data, as shown in fig. 7.
When a user walks to a safe area, the system can deduce the SNR value of the privacy information in real time according to the relation between the SNR value of the walking process of the user and the SNR value when the user inputs the privacy information, then further deduce the probability of attack success, and when the probability is less than a certain threshold value, the place where the user walks is considered to be safe.
The relation between the SNR value of the gait and the SNR value of the privacy information input by the user in the walking process of the user is shown in FIG. 8, and the proportion is about 1, so that the proportion 1 can be directly used in the invention, namely the SNR value generated by the gait is regarded as the SNR value generated when the user slides the screen to the right (inputs the privacy information), and whether the current position is safe or not is judged according to the method of the first step.
Claims (6)
1. A user behavior privacy protection method aiming at CSI time-frequency domain information attack is characterized by comprising the following steps:
step one, judging whether the current position is a safe area or not
After a user walks into a public place and arrives at a certain position, calculating a signal-to-noise ratio (SNR) value of the current position by the following formula:
in the above formula, csimIs the average value of the Channel State Information (CSI), CSI, collected by the mobile phone when the user slides the screen to the right through the fingercThe average value of CSI collected by the mobile phone in a period of time before the user slides the screen is shown as CSImThe noise value contained in (1);
judging whether the SNR value calculated by the formula is larger than a set threshold value, if so, judging that the current position is not a safe area, and executing the next step; otherwise, the user can input the privacy information at the current position through the mobile phone;
secondly, positioning the malicious equipment
Recording the position of a user just entering a public place as an initial position, and calculating the step number, the step length and the position coordinate of each step of the user through information acquired by a built-in sensor of the mobile phone in the time when the user walks from the initial position to the position;
calculating the proportion of the malicious equipment to the step position according to the Received Signal Strength (RSSI) value acquired by the user at the step positionThe calculation formula is as follows:
in the above formula, the first and second carbon atoms are,rssifor the RSSI value obtained by the user at the ith step location,is a malicious device toThe distance at the position of the ith step is n, and the value of n is 2-9, wherein n is a path loss parameter;
recording the position of each step of the user as a known reference point, and calculating a series of position coordinates of the malicious equipment at the position of the ith step according to the coordinates of the known reference point; then, according to the known reference point and the position coordinates of the malicious equipment, the proportion d of the malicious equipment to the ith step position is recalculated1/di;
According toAnd d1/diDetermining actual location coordinates of the malicious device from the series of location coordinates;
step three, the safe area guides in real time
Calculating an angle theta between the current position of the user and the malicious equipment;
determining the angular range of the walking direction of the user, namely: [ theta +90 DEG, theta +270 DEG ]
And guiding the user to walk towards the angle range, so that the safety area can be reached.
2. The method for protecting user behavior privacy against CSI time-frequency domain information attack as claimed in claim 1, wherein when there are multiple malicious devices, the angle of the current location of each malicious device and the user is calculated respectively, then the intersection of the angle ranges corresponding to each malicious device is calculated, and then the user is guided to walk towards the intersection angle range.
3. The method according to claim 1, wherein the coordinate system to which the position coordinates in step two are relative is a coordinate system in which an initial position of the user is an origin, a positive direction of an X axis is toward the east, a positive direction of a Y axis is toward the north, and a direction perpendicular to an XY plane and away from the ground is a Z axis.
4. The method for protecting user behavior privacy against CSI time-frequency domain information attack as claimed in claim 1, wherein in step two, the formula for calculating a series of location coordinates of the malicious device at the ith step location according to the coordinates of the known reference point is:
a θ ═ B (formula 3)
Wherein:
in the above equation, (X, Y, Z) is the position coordinates of the malicious device,(xi,yi,zi) The position coordinate of the user in the ith step is represented by i ∈ (2, m), and m is the total step number of the user; n is a path loss parameter, and the value of n is 2-9;
when n in equation 3 takes different values, a series of location coordinates (X) of the malicious device can be calculatedn,Yn,Zn)。
6. the method for protecting user behavior privacy against CSI time-frequency domain information attack as claimed in claim 1, wherein the method for determining the actual location coordinate of the malicious device is:
at the ith step position, when n takes different values, equations 2 and 4 are respectively calculatedDifferent values, and then determining the optimal n value n according to the following formulaopt:
The coordinate position of the malicious device corresponding to the optimal n value is the actual position of the malicious device.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710791353.1A CN107395646B (en) | 2017-09-05 | 2017-09-05 | User behavior privacy protection method for CSI time-frequency domain information attack |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710791353.1A CN107395646B (en) | 2017-09-05 | 2017-09-05 | User behavior privacy protection method for CSI time-frequency domain information attack |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107395646A CN107395646A (en) | 2017-11-24 |
CN107395646B true CN107395646B (en) | 2020-06-05 |
Family
ID=60349289
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710791353.1A Expired - Fee Related CN107395646B (en) | 2017-09-05 | 2017-09-05 | User behavior privacy protection method for CSI time-frequency domain information attack |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107395646B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102869013A (en) * | 2012-08-29 | 2013-01-09 | 北京邮电大学 | Secure communication system based on wireless channel characteristic |
CN104766427A (en) * | 2015-04-27 | 2015-07-08 | 太原理工大学 | Detection method for illegal invasion of house based on Wi-Fi |
CN106060811A (en) * | 2016-07-05 | 2016-10-26 | 西北大学 | User behavior privacy protection method based on channel interference |
CN106413074A (en) * | 2016-10-11 | 2017-02-15 | 西北工业大学 | Optimal power allocation method of untrusted relay network under perfect CSI |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8446844B1 (en) * | 2011-12-04 | 2013-05-21 | Ofinno Technologies, Llc | Handover in multicarrier wireless networks |
-
2017
- 2017-09-05 CN CN201710791353.1A patent/CN107395646B/en not_active Expired - Fee Related
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102869013A (en) * | 2012-08-29 | 2013-01-09 | 北京邮电大学 | Secure communication system based on wireless channel characteristic |
CN104766427A (en) * | 2015-04-27 | 2015-07-08 | 太原理工大学 | Detection method for illegal invasion of house based on Wi-Fi |
CN106060811A (en) * | 2016-07-05 | 2016-10-26 | 西北大学 | User behavior privacy protection method based on channel interference |
CN106413074A (en) * | 2016-10-11 | 2017-02-15 | 西北工业大学 | Optimal power allocation method of untrusted relay network under perfect CSI |
Non-Patent Citations (1)
Title |
---|
Protect Sensitive Information Against Channel State Information Based Attacks;Jie Zhang;《2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC)》;20170818;全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN107395646A (en) | 2017-11-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Wu et al. | Mitigating large errors in WiFi-based indoor localization for smartphones | |
Li et al. | A smartphone localization algorithm using RSSI and inertial sensor measurement fusion | |
US9113310B2 (en) | Systems and methods for simultaneously and automatically creating databases of wifi signal information | |
CN103809153B (en) | Method and system for accurate straight line distance estimation between two communication devices | |
Yu et al. | NLOS identification and mitigation for mobile tracking | |
KR101634126B1 (en) | method, apparatus, and recording medium for estimating location | |
JP5093316B2 (en) | Information processing apparatus, information processing method, information processing system, and program | |
Cai et al. | CRIL: An efficient online adaptive indoor localization system | |
CN104197934B (en) | A kind of localization method based on earth magnetism, apparatus and system | |
Moreira et al. | Multiple simultaneous Wi-Fi measurements in fingerprinting indoor positioning | |
CN109511116A (en) | Consider the safety detecting method of the physical layer Verification System of hostile end computing capability | |
CN113766636B (en) | Apparatus and method for estimating position in wireless communication system | |
US20150031387A1 (en) | Compensation of the signal attenuation by human body in indoor wi-fi positioning | |
EP3618501B1 (en) | Selection of a wireless base station by a flying vehicle | |
CN109168166A (en) | The safety detecting method of physical layer Verification System | |
Huang et al. | Method and analysis of TOA-based localization in 5G ultra-dense networks with randomly distributed nodes | |
WO2016079656A1 (en) | Zero-calibration accurate rf-based localization system for realistic environments | |
Fang et al. | Compensating for orientation mismatch in robust Wi-Fi localization using histogram equalization | |
Traini et al. | Practical indoor localization via smartphone sensor data fusion techniques: A performance study | |
CN105806333A (en) | Method for judging indoor moving direction and mobile terminal | |
CN107395646B (en) | User behavior privacy protection method for CSI time-frequency domain information attack | |
CN109242782A (en) | Noise processing method and processing device | |
Zhao et al. | Adaptive range-based nonlinear filters for wireless indoor positioning system using dynamic Gaussian model | |
CA3094328C (en) | Magnetic parameter-based localization in mobile device navigation | |
Xu et al. | Fake access point localization based on optimal reference points |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20200605 |
|
CF01 | Termination of patent right due to non-payment of annual fee |