CN112218296B - Method and system for authenticating multi-user based on wireless signal - Google Patents

Method and system for authenticating multi-user based on wireless signal Download PDF

Info

Publication number
CN112218296B
CN112218296B CN202011081529.2A CN202011081529A CN112218296B CN 112218296 B CN112218296 B CN 112218296B CN 202011081529 A CN202011081529 A CN 202011081529A CN 112218296 B CN112218296 B CN 112218296B
Authority
CN
China
Prior art keywords
user
multipath
neural network
csi
layer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011081529.2A
Other languages
Chinese (zh)
Other versions
CN112218296A (en
Inventor
俞嘉地
孔浩
卢立
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Jiaotong University
Original Assignee
Shanghai Jiaotong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Jiaotong University filed Critical Shanghai Jiaotong University
Priority to CN202011081529.2A priority Critical patent/CN112218296B/en
Publication of CN112218296A publication Critical patent/CN112218296A/en
Application granted granted Critical
Publication of CN112218296B publication Critical patent/CN112218296B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/045Combinations of networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods

Abstract

A multi-user authentication method and system based on wireless signals describe multi-path components which are influenced by a plurality of users individually under Wi-Fi signals through a multi-path arrival time measurement algorithm; the multipath components reflected by the users are aggregated and separated to obtain the multipath signal of each user, and the virtual CSI of each user is constructed based on the multipath reflected by each user; and then, fine-grained behavior characteristics of each user are extracted from the virtual CSI through a double-task model, so that multi-user authentication is realized. The invention realizes the identity authentication of each user aiming at a multi-user scene by means of the multipath effect of Wi-Fi signals.

Description

Method and system for authenticating multi-user based on wireless signal
Technical Field
The invention relates to a technology in the field of wireless communication safety, in particular to a method and a system for authenticating multi-user users based on wireless signals.
Background
With the increasing convergence of people and the network world, user identity authentication becomes crucial to support various emerging application scenarios requiring security assurance. Existing research utilizes Channel State Information (CSI) of wireless Wi-Fi signals to capture human behavioral actions for user identity authentication. However, the conventional method can only perform user authentication in a scene where a single user exists, but cannot perform user authentication in a scene where multiple users exist simultaneously.
In a multi-person scenario, the behavioral actions of each user may be individually perceived by the wireless signal in different propagation paths. Because the signals are propagated through different paths, and the arrival time of each multipath signal is different, different multipath signals can be distinguished through the arrival time, the information in each multipath signal is analyzed, the behavior characteristic of each user is extracted, and multi-user identity authentication is performed.
Disclosure of Invention
The invention provides a method and a system for authenticating multiple users based on wireless signals, aiming at the defect that the existing user authentication system based on wireless perception can only be performed in a single scene.
The invention is realized by the following technical scheme:
the invention relates to a method for authenticating multi-user based on wireless signals, which describes multipath components which are independently influenced by a plurality of users under Wi-Fi signals through a multipath arrival time measurement algorithm; the multipath components reflected by the users are aggregated and separated to obtain the multipath signal of each user, and the virtual CSI of each user is constructed based on the multipath reflected by each user; and then, fine-grained behavior characteristics of each user are extracted from the virtual CSI through a double-task model, so that multi-user authentication is realized.
The multipath arrival time measuring algorithm is as follows: the arrival time Δ t of each multipath is calculated as:
Figure GDA0003007144230000011
Figure GDA0003007144230000012
wherein: a (Δ t) is the phase shift caused by the arrival time Δ t, NIs the noise subspace of the measurement matrix of the signal, and H is the conjugate transpose of the complex matrix.
The virtual CSI is obtained through the following method:
1) virtual CSI per multipath of
Figure GDA0003007144230000021
Wherein: a isiIs the amplitude of the ith multipath signal, j is the imaginary unit,
Figure GDA0003007144230000022
2 π f Δ t as the initial phase of the ith multipath signaliFor the ith multipath signal by the arrival time DeltatiThe induced phase shift, f is the frequency of the subcarrier;
2) the virtual CSI for each multipath is estimated by solving an optimization problem:
Figure GDA0003007144230000023
Figure GDA0003007144230000024
wherein: n is the total number of multipath, and H is the value of the CSI which is actually collected;
3) calculating the optimization problem to obtain the amplitude of each multipath
Figure GDA0003007144230000025
And phase
Figure GDA0003007144230000026
Namely, the construction of virtual CSI of each multipath is realized.
4) Because each user corresponds to different multipaths, the virtual CSI of the multipaths corresponding to each user is added to obtain the virtual CSI corresponding to each user.
The double-task neural network model comprises the following steps: the system comprises a CNN-RNN-based feature extractor, a full-connection layer and softmax layer-based action recognizer and a user authenticator.
Drawings
FIG. 1 is a flow chart of the present invention;
FIG. 2 is a schematic diagram of multi-path effect analysis in a multi-person scenario;
FIG. 3 is a schematic diagram of comparison between constructed virtual CSI and actually collected CSI;
FIG. 4 is a diagram of a model of a multitasking neural network;
fig. 5 is a schematic diagram of the user authentication false recognition rate and the user authentication rejection rate.
Detailed Description
As shown in fig. 1, this embodiment relates to a method for authenticating multiple users based on wireless signals, which uses Wi-Fi signals transmitted by a household Wi-Fi device as a medium for sensing actions of multiple users, and constructs a multiple user authentication model based on wireless signals, so as to authenticate multiple users at the same time. Due to multipath effects, wireless Wi-Fi signals reflected by different users have different arrival times, and therefore the signals reflected by each user individually can be separated according to the arrival time. Based on the signal reflected by each user, the unique behavior and action characteristics of the user are extracted from the signal, and the identity authentication of each user can be carried out in a multi-user scene.
The specific steps of the embodiment include:
step 1) collecting Channel State Information (CSI) in wireless Wi-Fi signals in a multi-person scene, rearranging and constructing the CSI of all subcarriers in each collected data packet to obtain a measurement matrix X, and calculating to obtain a covariance matrix R (XX)H(ii) a Then, an eigen matrix corresponding to M-D smaller eigenvalues is selected from the covariance matrix and a noise subspace is formedN(ii) a The arrival time Δ t of each multipath is measured:
Figure GDA0003007144230000027
wherein: NFor the noise subspace, a (Δ t) is the phase offset caused by the arrival time Δ t, and then each multipath of the Wi-Fi signal under the current environment is passed through PMUThe (Δ t) is shown as a peak in the graph.
The smaller characteristic values are: and removing the front D eigenvalues from the M eigenvalues of the covariance matrix which are sorted from large to small, and selecting the rest M-D eigenvalues.
Step 2) as shown in fig. 2, in a multi-user scenario, there are multiple Wi-Fi signal multipaths, which are shown with higher energy, corresponding to the signal reflections of two users. Based on the multipath signals reflected by each user, the system separates the multipath signals of different users according to the difference of the arrival time delta t, and aggregates the multipath signals of the same user, specifically: when the difference value of the delta t of the two multipaths exceeds a preset threshold value, namely the path lengths of the two multipaths have larger difference, the two multipaths are reflected by different users, and the two multipaths are respectively marked as signals of different users; otherwise, when the difference of the Δ t of two multipaths is lower than the threshold, that is, the lengths of the two multipaths are similar, the two multipaths are reflected from different body parts of the same person, and the two multipaths are labeled as signals of the same user.
Step 3) constructing a corresponding virtual CSI based on the aggregated multipath signals of each user to simulate CSI data of each user in a single scene, namely firstly constructing the CSI of each multipath signal, and then constructing the CSI of a plurality of multipath signals corresponding to each user to obtain the virtual CSI of the user, specifically:
3.1) virtual CSI per multipath of
Figure GDA0003007144230000031
Wherein: a isiIs the amplitude of the ith multipath signal,
Figure GDA0003007144230000032
2 π f Δ t as the initial phase of the ith multipath signaliFor the ith multipath signal by the arrival time DeltatiThe induced phase shift;
3.2) in a theoretical case, the sum of the values of the virtual CSI of all multipath signals is equal to the value of the actually collected CSI, i.e. the virtual CSI of each multipath is estimated by solving an optimization problem:
Figure GDA0003007144230000033
wherein: n is the total number of multipath, and H is the value of the CSI which is actually collected;
3.3) calculating the optimization problem to obtain the amplitude of each multipath
Figure GDA0003007144230000034
And phase
Figure GDA0003007144230000035
I.e. implementing each multipathAnd constructing virtual CSI.
And 3.4) adding the multi-path virtual CSI corresponding to each user to obtain the virtual CSI corresponding to each user as each user corresponds to different multi-paths.
As shown in fig. 3, the single-user virtual CSI constructed in the multi-user scenario is similar to the actually collected single-user CSI, which proves that the virtual CSI constructed by the system can better simulate the CSI in the single-user scenario.
Step 4) constructing a dual-task model based on a convolutional neural network-recurrent neural network (CNN-RNN) as shown in FIG. 4 to extract the unique behavior and action characteristics of each user for user identity authentication, wherein the dual-task neural network model comprises: CNN-RNN-based feature extractor, full connectivity layer and softmax layer-based action recognizer and user authenticator, wherein: the feature extractor for extracting the user behavior features hidden in the virtual CSI comprises a three-layer convolutional neural network CNN and a two-layer recurrent neural network RNN which are sequentially overlapped, the action recognizer improves the overall learning efficiency and prediction accuracy of the model by recognizing action types, and the user authenticator carries out identity authentication by using the extracted behavior features.
In the convolutional neural network, a first convolutional layer has 32 convolutional kernels with the size of 5 multiplied by 5, a second convolutional layer has 64 convolutional kernels with the size of 4 multiplied by 4, and a third convolutional layer has 128 convolutional kernels with the size of 3 multiplied by 3; the three pooling layers are all the largest pooling layers of size 2 x 2.
The recurrent neural network comprises two RNNs with gate-controlled recurrent unit (GRU) units, the number of recurrent steps of the RNN is 10, the number of hidden layer neurons is 200, the number of output neurons is 6, and GRU cores are used.
Action recognizer and user authentication ware all include two-layer full connection layer and one deck softmax layer of superpose in proper order, wherein the first layer of full connection layer is the full connection layer of constituteing by 1024 neurons, the second floor is the full connection layer of 6 neurons.
Step 5) when a plurality of users authenticate, identity registration is firstly carried out, namely each user independently executes predefined behavior and action for a plurality of times, collected signals are processed in steps 1-3, and obtained identity labels, action labels and corresponding data of the users form a training set to train the double-task neural network model in step 4; and then under a multi-user authentication scene, acquiring Wi-Fi signals influenced by user actions, and respectively obtaining the identity of each user through a double-task neural network model after the steps 1 to 4, so as to realize multi-user authentication.
The identity tag, the action tag and the corresponding data specifically refer to: the true identity of the user, the actions performed by the user, and the corresponding CSI data.
In the training, the CSI data of each behavior and action of the user is used as training data, the corresponding identity and action are used as training labels, and 1000 rounds of neural network training are executed, so that the loss function of the neural network is continuously reduced and kept stable.
By performing specific experiments in an indoor environment: the system is deployed in a notebook computer (model HP Pavilion 14), the computer needs to run an Ubuntu14.04 operating system and is provided with an Atheros wireless network card AR9580, and channel state information of 56 subcarriers of Wi-Fi signals can be provided. Wi-Fi signals of the 802.11n standard are transmitted continuously using a commercial Wi-Fi router TP-LINK-WDR 5620. 15 volunteers were recruited, 10 of which were registered users and 5 were invaders. Registered users first register their identity in the system. In the authentication stage, the registered user and the invader perform user authentication in the scene of one person, two persons and three persons respectively.
As shown in fig. 5, the false recognition rate and the rejection rate of the method are shown when multiple users are authenticated. The false recognition rate refers to a probability of misidentifying a user as another user or an intruder, and the false recognition rate refers to a probability of misidentifying a user as another user or an intruder. Specifically, the invention realizes the false recognition rate of 7.4%, 8.8% and 10.6% and the rejection rate of 3.9%, 5.6% and 6.2% under the scene of single, double and three-person authentication.
In conclusion, the invention can simultaneously authenticate 2 users and 3 users with higher precision, the difference between the performance of the invention and the performance of single-user authentication is smaller, and the reliability and the practicability of the invention in the aspect of multi-user authentication are verified.
The foregoing embodiments may be modified in many different ways by those skilled in the art without departing from the spirit and scope of the invention, which is defined by the appended claims and all changes that come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein.

Claims (8)

1. A method for authenticating multi-user based on wireless signals is characterized in that multipath components which are influenced by a plurality of users individually under Wi-Fi signals are described through a multipath arrival time measuring algorithm; the multipath components reflected by the users are aggregated and separated to obtain the multipath signal of each user, and the virtual CSI of each user is constructed based on the multipath reflected by each user; then, fine-grained behavior characteristics of each user are extracted from the virtual CSI through a double-task model, and multi-user authentication is achieved;
the double-task neural network model comprises the following steps: CNN-RNN-based feature extractor, full connectivity layer and softmax layer-based action recognizer and user authenticator, wherein: the feature extractor for extracting the user behavior features hidden in the virtual CSI comprises a three-layer convolutional neural network CNN and a two-layer recurrent neural network RNN which are sequentially overlapped, the action recognizer improves the overall learning efficiency and prediction accuracy of the model by recognizing action types, and the user authenticator carries out identity authentication by using the extracted behavior features;
the virtual CSI is obtained through the following method:
1) virtual CSI per multipath of
Figure FDA0003019339590000011
Wherein: a isiIs the amplitude of the ith multipath signal, j is the imaginary unit,
Figure FDA0003019339590000012
2 π f Δ t as the initial phase of the ith multipath signaliFor the ith multipath signal by the arrival time DeltatiCause toF is the frequency of the subcarrier;
2) the virtual CSI for each multipath is estimated by solving an optimization problem:
Figure FDA0003019339590000013
wherein: n is the total number of multipath, and H is the value of the CSI which is actually collected;
3) calculating the optimization problem to obtain the amplitude of each multipath
Figure FDA0003019339590000014
And phase
Figure FDA0003019339590000015
Namely, the construction of the virtual CSI of each multipath is realized;
4) because each user corresponds to different multipaths, the virtual CSI of the multipaths corresponding to each user is added to obtain the virtual CSI corresponding to each user.
2. The method as claimed in claim 1, wherein the multipath time of arrival measurement algorithm is: the arrival time Δ t of each multipath is calculated as:
Figure FDA0003019339590000016
wherein: a (Δ t) is the phase shift, U, due to the arrival time Δ tNIs the noise subspace of the measurement matrix of the signal, and H is the conjugate transpose of the complex matrix.
3. The wireless-signal-based multi-user authentication method of claim 1, wherein the convolutional neural network has a first convolutional layer having 32 convolutional kernels of 5 x 5 size, a second convolutional layer having 64 convolutional kernels of 4 x 4 size, and a third convolutional layer having 128 convolutional kernels of 3 x 3 size; the three pooling layers are all the largest pooling layers of size 2 x 2.
4. The method of claim 1, wherein the recurrent neural network comprises two RNNs with gated recurrent unit, the RNN has 10 recurrent steps, 200 hidden neurons, 6 output neurons, and GRU kernel.
5. The method of claim 1, wherein the action recognizer and the user authenticator both comprise two fully-connected layers and a softmax layer stacked in sequence, wherein the first layer of the fully-connected layers is a fully-connected layer consisting of 1024 neurons, and the second layer is a fully-connected layer consisting of 6 neurons.
6. The method of claim 1, wherein during multi-user authentication, identity registration is performed, that is, each user individually performs predefined behavior and action for multiple times, and the collected signals are processed to obtain user identity tags, action tags and corresponding data to form a training set to train the multitask neural network model; and then under a multi-user authentication scene, acquiring the identity of each user through a double-task neural network model after acquiring the Wi-Fi signals influenced by the user action, so as to realize multi-user authentication.
7. The method of claim 6, wherein the bi-tasking neural network model is trained by: and taking the CSI data of each behavior and action of the user as training data, taking the corresponding identity and action as training labels, and executing 1000 rounds of neural network training to continuously reduce and keep the loss function of the neural network stable.
8. The method of claim 6, wherein the identity tag, the action tag and the corresponding data are: the true identity of the user, the actions performed by the user, and the corresponding CSI data.
CN202011081529.2A 2020-10-12 2020-10-12 Method and system for authenticating multi-user based on wireless signal Active CN112218296B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011081529.2A CN112218296B (en) 2020-10-12 2020-10-12 Method and system for authenticating multi-user based on wireless signal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011081529.2A CN112218296B (en) 2020-10-12 2020-10-12 Method and system for authenticating multi-user based on wireless signal

Publications (2)

Publication Number Publication Date
CN112218296A CN112218296A (en) 2021-01-12
CN112218296B true CN112218296B (en) 2021-06-15

Family

ID=74053200

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011081529.2A Active CN112218296B (en) 2020-10-12 2020-10-12 Method and system for authenticating multi-user based on wireless signal

Country Status (1)

Country Link
CN (1) CN112218296B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104918249A (en) * 2015-05-04 2015-09-16 厦门大学 Wireless channel fingerprint method based on reinforcement learning
CN106709449A (en) * 2016-12-22 2017-05-24 深圳市深网视界科技有限公司 Pedestrian re-recognition method and system based on deep learning and reinforcement learning
CN107592632A (en) * 2017-08-14 2018-01-16 南京邮电大学 Radio physical layer authentication method based on time varying channel multidiameter feature
CN109413057A (en) * 2018-10-17 2019-03-01 上海交通大学 Smart home sequential authentication user method and system based on fine granularity finger gesture

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104918249A (en) * 2015-05-04 2015-09-16 厦门大学 Wireless channel fingerprint method based on reinforcement learning
CN106709449A (en) * 2016-12-22 2017-05-24 深圳市深网视界科技有限公司 Pedestrian re-recognition method and system based on deep learning and reinforcement learning
CN107592632A (en) * 2017-08-14 2018-01-16 南京邮电大学 Radio physical layer authentication method based on time varying channel multidiameter feature
CN109413057A (en) * 2018-10-17 2019-03-01 上海交通大学 Smart home sequential authentication user method and system based on fine granularity finger gesture

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"Non-invasive detection of moving and stationary human with WiFi";C. Wu等;《IEEE J.Sel. Areas Commu.》;20151130;第33卷(第11期);全文 *
"Omnidirectional coverage for device-free passive human detection";Z. Zhou等;《IEEE TRANS. Parallel Distrib. Syst.》;20140731;第25卷(第7期);全文 *
"基于WiFi信道状态信息的室内人员感知研究与实现";鲁翔;《中国优秀硕士学位论文全文数据库 信息科技辑 (月刊)》;20200115;全文 *

Also Published As

Publication number Publication date
CN112218296A (en) 2021-01-12

Similar Documents

Publication Publication Date Title
CN106658590B (en) Design and implementation of multi-person indoor environment state monitoring system based on WiFi channel state information
Hong et al. WFID: Passive device-free human identification using WiFi signal
Liu et al. WiCount: A deep learning approach for crowd counting using WiFi signals
Kayaoglu et al. Standard fingerprint databases: Manual minutiae labeling and matcher performance analyses
Arshad et al. Leveraging transfer learning in multiple human activity recognition using WiFi signal
CN103093133B (en) Biological identity authentication method facing institute of electrical and electronic engineers (IEEE) 802.15.6
NL2025648B1 (en) A physical layer authentication method for edge device Combining threshold and machine learning
Liao et al. A novel physical layer authentication method with convolutional neural network
Zhang et al. CSI-based human activity recognition with graph few-shot learning
CN109413057B (en) Smart home continuous user authentication method and system based on fine-grained finger gesture
CN110730473A (en) Signal feature extraction method for WiFi activity recognition
Xiao et al. Artificial intelligence empowered mobile sensing for human flow detection
Shao et al. Machine Learning-Assisted Sensing Techniques for Integrated Communications and Sensing in WLANs: Current Status and Future Directions.
CN103530657A (en) Deep learning human face identification method based on weighting L2 extraction
Sabek et al. MonoStream: A minimal-hardware high accuracy device-free WLAN localization system
CN110929242B (en) Method and system for carrying out attitude-independent continuous user authentication based on wireless signals
Wang et al. A survey of user authentication based on channel state information
CN112218296B (en) Method and system for authenticating multi-user based on wireless signal
CN113453180B (en) Intelligent detection method and system for human body tumble and information data processing terminal
Jayasundara et al. Device-free user authentication, activity classification and tracking using passive Wi-Fi sensing: a deep learning-based approach
Zeeshan et al. CSI-based device-free joint activity recognition and localization using Siamese networks
CN109784212A (en) A kind of biology typewriting recognition methods based on WiFi signal
RU172615U1 (en) Denial of Service Low Intensity Attack Detection Device
Shi et al. WiFi-based activity recognition using activity filter and enhanced correlation with deep learning
WO2024041053A1 (en) Indoor passive human behavior recognition method and apparatus

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant