When CSI Meets Public WiFi - Inferring Your Mobile Phone Password via WiFi Signals

Explore a conference talk from CCS 2016 that delves into the security vulnerabilities of public WiFi networks and their potential to compromise mobile phone passwords. Learn how researchers from Shanghai Jiao Tong University, University of Massachusetts at Boston, and University of South Florida investigate the use of Channel State Information (CSI) to infer sensitive data input on mobile devices. Discover the attack scenario, challenges, and system design of this novel approach, including ICMP-based CSI collection, sensitive input module, data preprocessing, and password inference techniques. Examine the classification methods used to distinguish between different numbers and infer 6-digit passwords. Gain insights into the influence factors, limitations, and implications of this research for online mobile payment security and WiFi-based recognition systems.

Intro
Background
Online Mobile Payment
Payment Protections
Channel State Information
Existing Works about CSI Based Recognition
CSI - Hand motion
CSI - Finger motion
OUTLINE
Attack Scenario
Challenges
System Design
ICMP based CSI Collection Module
ICMP based CSI Acquirement Module
Second Challenge
Sensitive Input Module
Third Challenge
Data Preprocessing Module
Signal Processing methods
Fourth Challenge
Password Inference Module
Classification between Different Numbers
Infer 6-digit password
Influence factors
Case Study
Limitations