[Figure 5. Performance of the block PCA algorithm. (a) CFR signals in different subcarriers, from top to bottom: #1 ∼ #5, #81 ∼ #85, and #181 ∼ #185 (CFR amplitude vs. time in seconds). (b) Block PCA results. The first principal components correspond to subcarriers #1 ∼ #20, #81 ∼ #100, and #181 ∼ #200 (block PCA vs. time in seconds).]

After that, we calculate the CFR estimation for each symbol and subcarrier based on Eq. (1).

B. Data Preprocessing

The Data Preprocessing module takes the CFR values and performs the following two steps: noise removal and block principal component analysis.

Noise Removal: We first reduce the impact of multi-path interference by using directional antennas. Compared to omnidirectional antennas, directional antennas amplify signals in the beam direction and reject signals in other directions. Figure 4 compares the CFR captured by a directional antenna and an omnidirectional antenna at one of the 200 subcarriers at a distance of 10 meters. Due to the high noise level, the keystroke movements are submerged in the noisy signal collected by the omnidirectional antenna. But, with the help of the directional antenna, we can easily determine the CFR variations corresponding to each keystroke event.

The raw signals captured by directional antennas are still distorted by high-frequency noise. As the hand/finger movements in keystroke input induce CRS variations with frequencies between 2 ∼ 30 Hz [12], we then use a moving-average filter to remove the high-frequency noise. Figure 5(a) shows the signal after the low-pass filter at selected subcarriers.

Block Principal Component Analysis: Most of the CFR samples are redundant, so they introduce unnecessary computational costs in the keystroke recognition stage. We use PCA (Principal Component Analysis) to extract the most principal components from raw CFR signals. Figure 5(a) shows the waveform of different LTE subcarriers; we can clearly observe that signals between distant subcarriers have smaller correlations. Based on this observation, we first divide 200 subcarriers into 10 blocks, then each block performs PCA and takes the first principal component.
Thus, the block PCA algorithm outputs ten principal components. Figure 5(b) shows an example of block PCA results in three blocks, where we can clearly observe the keystroke events. Compared to traditional PCA performed directly on all 200 subcarriers, block PCA can preserve more representative information while reducing the data size. Figure 15(b) shows that using block PCA has about 8% performance improvement over traditional PCA.

[Figure 6. Keystroke detection with smooth variance of the block PCAs. (a) Principal components: PCA #2, #4, #6, #8, #10, with labels 8, 7, 0, 9, 5 (normalized amplitude vs. time in seconds). (b) Keystroke detection result: variance, smooth variance, keystroke time, start point, end point, with labels 8, 7, 0, 9, 5 (moving variance vs. time in seconds).]

V. KEYSTROKE MONITORING

In the keystroke monitoring attack, the adversary points the antenna towards the victim (ensuring that the target is within the receiving angle of the directional antenna) while he/she is typing in order to intercept the typing content. We focus on attacking the keystrokes input on a numerical keypad as shown in Figure 10, which is widely used on ATMs and doors for inputting the PIN number. The attack contains two steps: keystroke detection and keystroke recognition.

A. Keystroke detection

In the keystroke detection step, we use a moving variance algorithm to detect each keystroke event. Figure 6 shows the keystroke detection process. We first calculate the variance from the block PCA results. Once the variance exceeds an empirically determined threshold, the system detects a keystroke event. Sometimes one keystroke movement may introduce multiple separated variation peaks; we treat these movements as one keystroke if their time interval is less than 0.1 second. The keystroke detection result is shown in Figure 6(b).
The vertical red lines are the ground truth of the keystroke time-points provided by a key logger, and the green/red dots are the start/end time-points of the detected keystrokes.

After detecting a keystroke movement with start and end points, we calculate the midpoint of these two points and segment the data for a period of time near the midpoint as the waveform of the keystroke (typically two seconds in our experiments). Our keystroke detection works well when there is no interference around. However, it can hardly detect a keystroke when there are objects moving around the victim. In the future, we plan to use more antennas to separate nearby objects.

B. Keystroke recognition

Existing works treat each keystroke separately by assuming that the user always returns to a given posture after each keystroke [6], [10]. In case of continuous typing, our key observation is that the CFR measurements indicate the hand/finger movements between keys, instead of the key press. We model the process as a Hidden Markov Model (HMM) to infer the transition between subsequent keystrokes. Note that existing works such as Zhuang et al. [7] using HMM methods to reveal text input are based on language model, which is significantly different from our method, and it can not
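
The preprocessing and keystroke detection stages described above (moving-average filter, block PCA over 10 blocks of subcarriers, moving-variance threshold, merging of peaks less than 0.1 second apart, midpoint of each event), run on a constructed signal as an added example; it is not code from the paper. The sampling rate, window lengths, threshold, the synthetic CFR and the choice to sum the variance of the ten components are assumptions.

```python
import numpy as np

FS = 100  # sampling rate in Hz (assumed; not given on the page)

def smooth(x, win):
    """Centered moving average (odd win, edge-padded) along axis 0."""
    k = np.ones(win) / win
    f = lambda c: np.convolve(np.pad(c, win // 2, mode="edge"), k, mode="valid")
    return np.apply_along_axis(f, 0, x)

def block_pca(cfr, n_blocks=10):
    """First principal component of each block of adjacent subcarriers."""
    comps = []
    for block in np.array_split(cfr, n_blocks, axis=1):
        centered = block - block.mean(axis=0)
        _, _, vt = np.linalg.svd(centered, full_matrices=False)
        comps.append(centered @ vt[0])   # project onto the top component
    return np.column_stack(comps)        # shape: (samples, n_blocks)

def merge_events(idx, max_gap):
    """Group above-threshold sample indices; runs closer than max_gap merge."""
    events = []
    for i in map(int, idx):
        if events and i - events[-1][1] < max_gap:
            events[-1][1] = i
        else:
            events.append([i, i])
    return [tuple(e) for e in events]

def detect_events(pcs, threshold, win=21, merge_s=0.1):
    """Threshold the summed moving variance; return (start, end, midpoint) in s."""
    var = sum(smooth(p * p, win) - smooth(p, win) ** 2 for p in pcs.T)
    spans = merge_events(np.flatnonzero(var > threshold), merge_s * FS)
    return [(s / FS, e / FS, (s + e) / 2 / FS) for s, e in spans]

def synthetic_cfr(event_times, seconds=10, n_sub=200, seed=0):
    """Constructed signal: 5 Hz motion bursts on a flat baseline plus noise."""
    rng = np.random.default_rng(seed)
    t = np.arange(seconds * FS) / FS
    motion = sum(0.2 * np.exp(-((t - t0) / 0.15) ** 2)
                 * np.sin(2 * np.pi * 5 * (t - t0)) for t0 in event_times)
    gain = 1 + 0.5 * np.sin(np.arange(n_sub) / 10)  # per-subcarrier sensitivity
    return 1 + np.outer(motion, gain) + rng.normal(0, 0.01, (t.size, n_sub))

def run_pipeline(event_times=(2.0, 5.0, 8.0), threshold=0.05):
    pcs = block_pca(smooth(synthetic_cfr(event_times), 3))
    return detect_events(pcs, threshold)

if __name__ == "__main__":
    print(run_pipeline())
```

Each returned midpoint is the point around which the paper segments the keystroke waveform (typically two seconds in its experiments).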