Wireless communication infrastructure is a cornerstone of modern digital society, yet it remains vulnerable to the persistent threat of wireless jamming. Attackers can easily create radio interference to overshadow legitimate signals, leading to denial of service. The broadcast nature of radio signal propagation makes such attacks possible in the first place, but at the same time poses a challenge for the attacker: The jamming signal does not only reach the victim device but also other neighboring devices, preventing precise attack targeting. In this work, we solve this challenge by leveraging the emerging RIS technology, for the first time, for precise delivery of jamming signals. In particular, we propose a novel approach that allows for environment-adaptive spatial control of wireless jamming signals, granting a new degree of freedom to perform jamming attacks. We explore this novel method with extensive experimentation and demonstrate that our approach can disable the wireless communication of one or multiple victim devices while leaving neighboring devices unaffected. Notably, our method extends to challenging scenarios where wireless devices are very close to each other: We demonstrate complete denial-of-service of a Wi-Fi device while a second device located at a distance as close as 5 mm remains unaffected, sustaining wireless communication at a data rate of 25 Mbit/s. Lastly, we conclude by proposing potential countermeasures to thwart RIS-based spatial domain wireless jamming attacks.

翻译：无线通信基础设施是现代数字社会的基石，但其仍持续面临无线干扰的威胁。攻击者可以轻易制造无线电干扰以压制合法信号，导致服务拒绝。无线电信号传播的广播特性使得此类攻击成为可能，但同时也给攻击者带来了挑战：干扰信号不仅到达目标设备，也会影响其他邻近设备，从而难以实现精确的攻击定位。在本工作中，我们首次利用新兴的可重构智能表面技术解决了这一挑战，实现了干扰信号的精准投送。具体而言，我们提出了一种新颖的方法，允许对无线干扰信号进行环境自适应的空域控制，为实施干扰攻击提供了新的自由度。我们通过大量实验探索了这一新方法，并证明我们的方案能够使一个或多个目标设备的无线通信失效，同时不影响邻近设备。值得注意的是，我们的方法可扩展到极具挑战性的场景：我们演示了在完全阻断一个Wi-Fi设备服务的同时，仅相距5毫米的第二个设备仍能保持无线通信，数据速率可达25 Mbit/s。最后，我们提出了潜在的防御措施以抵御基于可重构智能表面的空域无线干扰攻击。