NORMAN, Okla. – Song Fang, a researcher with the University of Oklahoma, has been awarded funding from the U.S. National Science Foundation to create training-free detection methods and novel countermeasures to protect sensitive information from emerging wireless eavesdropping techniques.
Wi-Fi networks blanket homes, offices and public spaces, but a little-known security vulnerability lurks in the signals that keep people online. The ability of attackers to intercept keystrokes and private conversations via wireless signals alone, without malware, cameras or physical access to devices, leaves people highly vulnerable.
Fang’s project will address this vulnerability by developing both advanced inference methods and practical defenses against wireless eavesdropping, marking a significant step forward in protecting user privacy in an increasingly connected world.
Though wireless signals are complex and depend on their surrounding physical environment, Fang compares their vulnerabilities to music.
“Think of these signals as invisible strings stretched throughout the environment. When someone types, speaks or moves, these actions gently ‘strum’ the strings, producing unique vibrations, like music, that subtly change the wireless signal patterns,” said Fang, a professor in the School of Computer Science.
“An unauthorized listener can ‘hear’ this music by analyzing how the signals fluctuate. By recognizing these patterns, the eavesdropper can infer which strings were plucked – in other words, which specific motions or activities, such as keystrokes or spoken words, occurred.”
The completely wireless nature of this vulnerability makes it especially concerning for everyday users, but previous inference methods were often impractical. This research marks a pivotal shift in the understanding of and defense against wireless-based privacy threats, which previously required a training phase to learn the relationship between signal changes and the corresponding content. By eliminating the need for training data, the project introduces a more agile approach to wireless inference, one that can operate in unfamiliar environments and adapt to new users without prior calibration.
“Traditional approaches are like a musician who must practice for a long time before recognizing which strings are plucked by listening to a piece of music. In contrast, our training-free wireless inference technique enables an ordinary listener to tell which strings were plucked after hearing the music only once, without any prior training or repetition,” Fang said.
Fang will develop proactive countermeasures that manipulate wireless channels to obscure or distort the signal patterns that attackers rely on. These defenses work by injecting misleading variations into the wireless environment, effectively scrambling the signal “music” that an eavesdropper might try to interpret. The result is a new class of security tools that can cloak sensitive activities without disrupting normal device function.
“Wireless channel manipulation aims to confuse wireless inference systems by deliberately changing the wireless channel measured by an eavesdropper. The signals the attacker observes still appear natural, but they no longer reflect the user’s real movements. In short, the defender intentionally alters the wireless signal patterns, so the inferred result is wrong or meaningless,” he said.
Much of modern life is dependent on wireless devices, and the ability to infer human activity from ambient signals is both a powerful tool and a potential threat. This project not only exposes the vulnerabilities of current wireless systems but will also lay the groundwork for a new generation of privacy-preserving technologies.
