<!--
Author: Xianjun jiao
SPDX-FileCopyrightText: 2021 UGent
SPDX-License-Identifier: AGPL-3.0-or-later
-->

[Openwifi CSI fuzzer for authorized sensing and covert channels](https://arxiv.org/pdf/2105.07428.pdf) (submitted to ACM WiSec 2021)

CSI (Channel State Information) of WiFi systems is available in some WiFi chips and can be used to sense the environment (people, objects, activity) passively and secretly.

How could a CSI fuzzer stop unauthorized sensing?

![](./csi-fuzzer-system-before-vs-now.png)

CSI fuzzer implementation principle.

![](./csi-fuzzer-principle.png)

CSI fuzzer in openwifi system architecture and related commands.

![](./csi-fuzzer-implementation.png)

Thanks to the full-duplex capability and CSI extraction feature of openwifi, you can monitor the artificial channel response via the [side channel](./csi.md) through Tx-Rx over-the-air coupling, without affecting the normal operation/traffic of openwifi. Before self-monitoring, the auto-mute during Tx needs to be disabled:

```
./sdrctl dev sdr0 set reg xpu 1 1
```

CSI self-monitoring before fuzzing.

![](./csi-fuzzer-beacon-ant-back-0.jpg)

CSI self-monitoring after fuzzing command: `csi_fuzzer.sh 1 45 0 13`

![](./csi-fuzzer-beacon-ant-back-1-45-0-13.jpg)

`csi_fuzzer_scan.sh` can scan the c1 and c2 in different styles/modes by calling `csi_fuzzer.sh`.