1<!-- 2Author: Xianjun jiao 3SPDX-FileCopyrightText: 2021 UGent 4SPDX-License-Identifier: AGPL-3.0-or-later 5--> 6 7- [ACM WiSec 2021. Openwifi CSI fuzzer for authorized sensing and covert channels](https://dl.acm.org/doi/pdf/10.1145/3448300.3468255) 8- [Privacy Protection in WiFi Sensing via CSI Fuzzing](https://ieeexplore.ieee.org/abstract/document/10818006) 9 10CSI (Channel State Information) of WiFi systems is available in some WiFi chips and can be used for sensing the environment (keystrokes, people, object) passively and secretly. 11 12## Concept 13 14How could a CSI fuzzer stop unauthorized sensing? 15 16 17 18CSI fuzzer implementation principle. 19 20 21 22## Demo instructions 23 24Thanks to the full-duplex capability and CSI extraction feature of openwifi, you can monitor the artificial channel response via [side channel](./csi.md) by Tx-Rx over the air coupling without affecting the normal operation/traffic of openwifi. Before fuzzing the CSI, please follow [WiFi CSI radar via self CSI capturing](radar-self-csi.md) app note to setup normal self CSI monitoring. 25 26Then, start another ssh session to the openwifi board: 27``` 28ssh [email protected] 29(password: openwifi) 30 31cd openwifi 32 33./csi_fuzzer_scan.sh 1 34(CSI fuzzer applies possible artificial CSI by scanning all values) 35(csi_fuzzer.sh is called. Please read both scripts to understand these commands) 36``` 37 38Now you should see that CSI keeps changing like in this [video](https://youtu.be/aOPYwT77Qdw). 39 40# Further explanation on parameters 41 42CSI fuzzer in openwifi system architecture and related commands. 43 44 45 46# Example fuzzed CSI 47 48CSI self-monitoring before fuzzing. 49 50 51 52CSI self-monitoring after fuzzing command: `./csi_fuzzer.sh 1 45 0 13` 53 54 55 56`csi_fuzzer_scan.sh` can scan the c1 and c2 in different styles/modes by calling `csi_fuzzer.sh`. 57
