Deep learning technologies are pivotal in enhancing the performance of WiFi-based wireless sensing systems. However, they are inherently vulnerable to adversarial perturbation attacks, and regrettably, there is lacking serious attention to this security issue within the WiFi sensing community. In this paper, we elaborate such an attack, called WiIntruder, distinguishing itself with universality, robustness, and stealthiness, which serves as a catalyst to assess the security of existing WiFi-based sensing systems. This attack encompasses the following salient features: (1) Maximizing transferability by differentiating user-state-specific feature spaces across sensing models, leading to a universally effective perturbation attack applicable to common applications; (2) Addressing perturbation signal distortion caused by device synchronization and wireless propagation when critical parameters are optimized through a heuristic particle swarm-driven perturbation generation algorithm; and (3) Enhancing attack pattern diversity and stealthiness through random switching of perturbation surrogates generated by a generative adversarial network. Extensive experimental results confirm the practical threats of perturbation attacks to common WiFi-based services, including user authentication and respiratory monitoring.

翻译：深度学习技术在提升基于WiFi的无线感知系统性能方面发挥着关键作用。然而，深度学习本身易受对抗性扰动攻击，遗憾的是，WiFi感知领域对此安全问题缺乏足够重视。本文详细阐述了一种名为WiIntruder的扰动攻击，其具有普适性、鲁棒性和隐蔽性，可作为评估现有基于WiFi的感知系统安全性的催化剂。该攻击具备以下显著特征：(1)通过区分不同感知模型中用户特定状态的特征空间，最大化攻击的可迁移性，从而实现对常见应用普遍有效的扰动攻击；(2)借助启发式粒子群驱动的扰动生成算法优化关键参数，解决因设备同步和无线传播引起的扰动信号失真问题；(3)通过生成对抗网络随机切换扰动替代物，增强攻击模式的多样性与隐蔽性。大量实验结果表明，扰动攻击对常见的基于WiFi的服务（包括用户身份验证和呼吸监测）构成了实际威胁。