Invisible eyes: Real-time activity detection through encrypted Wi-Fi traffic without machine learning

IF 6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things Pub Date : 2025-04-11 DOI:10.1016/j.iot.2025.101602

Muhammad Bilal Rasool , Uzair Muzamil Shah , Mohammad Imran , Daud Mustafa Minhas , Georg Frey

{"title":"Invisible eyes: Real-time activity detection through encrypted Wi-Fi traffic without machine learning","authors":"Muhammad Bilal Rasool , Uzair Muzamil Shah , Mohammad Imran , Daud Mustafa Minhas , Georg Frey","doi":"10.1016/j.iot.2025.101602","DOIUrl":null,"url":null,"abstract":"<div><div>Wi-Fi camera-based home monitoring systems are increasingly popular for improving security and real-time observation. However, reliance on Wi-Fi introduces privacy vulnerabilities, as sensitive activities within monitored areas can be inferred from encrypted traffic. This paper presents a lightweight, non-ML attack model that analyzes Wi-Fi traffic metadata—such as packet size variations, serial number sequences, and transmission timings—to detect live streaming, motion detection, and person detection. Unlike machine learning-based approaches, our method requires no training data or feature extraction, making it computationally efficient and easily scalable. Empirical testing at varying distances (10 m, 20 m, and 30 m) and under different environmental conditions shows accuracy rates of up to 90% at close range and 72% at greater distances, demonstrating its robustness. Compared to existing ML-based techniques, which require extensive retraining for different camera manufacturers, our approach provides a universal and adaptable attack model. This research underscores significant privacy risks in Wi-Fi surveillance systems and emphasizes the urgent need for stronger encryption mechanisms and obfuscation techniques to mitigate unauthorized activity inference.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"31 ","pages":"Article 101602"},"PeriodicalIF":6.0000,"publicationDate":"2025-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet of Things","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2542660525001155","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Wi-Fi camera-based home monitoring systems are increasingly popular for improving security and real-time observation. However, reliance on Wi-Fi introduces privacy vulnerabilities, as sensitive activities within monitored areas can be inferred from encrypted traffic. This paper presents a lightweight, non-ML attack model that analyzes Wi-Fi traffic metadata—such as packet size variations, serial number sequences, and transmission timings—to detect live streaming, motion detection, and person detection. Unlike machine learning-based approaches, our method requires no training data or feature extraction, making it computationally efficient and easily scalable. Empirical testing at varying distances (10 m, 20 m, and 30 m) and under different environmental conditions shows accuracy rates of up to 90% at close range and 72% at greater distances, demonstrating its robustness. Compared to existing ML-based techniques, which require extensive retraining for different camera manufacturers, our approach provides a universal and adaptable attack model. This research underscores significant privacy risks in Wi-Fi surveillance systems and emphasizes the urgent need for stronger encryption mechanisms and obfuscation techniques to mitigate unauthorized activity inference.

查看原文本刊更多论文

隐形眼睛：通过加密的Wi-Fi流量进行实时活动检测，无需机器学习

基于Wi-Fi摄像头的家庭监控系统在提高安全性和实时观察方面越来越受欢迎。然而，依赖Wi-Fi会带来隐私漏洞，因为监控区域内的敏感活动可以从加密流量中推断出来。本文提出了一种轻量级的非机器学习攻击模型，该模型分析Wi-Fi流量元数据（如数据包大小变化、序列号序列和传输时间），以检测直播、运动检测和人员检测。与基于机器学习的方法不同，我们的方法不需要训练数据或特征提取，使其计算效率高，易于扩展。在不同距离（10米，20米和30米）和不同环境条件下的经验测试表明，近距离的准确率高达90%，远距离的准确率高达72%，证明了其稳健性。现有的基于机器学习的技术需要对不同的相机制造商进行广泛的再培训，相比之下，我们的方法提供了一个通用的、适应性强的攻击模型。这项研究强调了Wi-Fi监控系统中存在的重大隐私风险，并强调迫切需要更强大的加密机制和混淆技术来减轻未经授权的活动推断。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Internet of Things Multiple-

CiteScore

3.60

自引率

5.10%

发文量

115

审稿时长

37 days

期刊介绍： Internet of Things; Engineering Cyber Physical Human Systems is a comprehensive journal encouraging cross collaboration between researchers, engineers and practitioners in the field of IoT & Cyber Physical Human Systems. The journal offers a unique platform to exchange scientific information on the entire breadth of technology, science, and societal applications of the IoT. The journal will place a high priority on timely publication, and provide a home for high quality. Furthermore, IOT is interested in publishing topical Special Issues on any aspect of IOT.