WiFiLeaks: Exposing Stationary Human Presence Through a Wall with Commodity Mobile Devices

WiFi devices are ubiquitous and may leak user and household privacy. In this paper, we report an attack, namely WiFiLeaks, which uses a commodity mobile device to passively detect stationary human presence through a wall by analyzing the channel state information of wireless signals transmitted by indoor WiFi devices. In our adversarial scenario, attackers cannot control the WiFi transmitter or use advanced radio devices. The main challenge of this attack is how to extract robust features from non-customized signals for stationary human presence. To address this challenge, we first combine methods based on outliers and wavelet denoising to enhance the low-frequency information related to human presence. Then we propose a novel feature extraction method based on the correlation among subcarriers since stationary human presence can enhance their correlations. We evaluate WiFiLeaks using nine different WiFi transmitter and one commodity smartphone in four different settings. The evaluations show WiFiLeaks can still achieve accuracy rates of 83.33% and 100% for human presence and absence at 20 meters between the monitor device and the transmitter in through-the-wall scenarios.