Wireless Networks Security and Privacy

Semester: 2023 Autumn
Time: 13:25-17:00 (
Location: Yuquan Campus, #12 Teaching Building, Rm507
TA : Shilin Xiao, xshilin@zju.edu.cn

Schedule (Update: 2023.9.26)

Week Course/Presentation Topic Reading References Presenter
Week 1
19, Sep
1. Course introduction & logistics
2. Wireless security basics & threat models
Online Lecturer
Week 2
26, Sep
3. Information security and crypto basics
4. Physical layer: physical layer threats; jamming
Online Lecturer
Week 4
10 ,Oct
5. Link layer, Wi-Fi security, and mac misbehavior
6. Network layer: threats, routing and forwarding security
Online Lecturer
Week 5
17, Oct
7. Wireless transport layer: TCP/UDP security
8. Location service security
Online Lecturer
Week 6
24, Oct
New wireless topics 1: Telecom Security & Privacy
New wireless topics 2: IoT Security & Privacy
New wireless topics 3: Satellite security
New wireless topics 4: Bluetooth security
Paper Presentation
Attachment Lecturer & Student
Week 7
31, Oct
New wireless topics 5: 5G/60G and its security
New wireless topics 6: Low power wireless network and security
New wireless topics 7: VANET Security & Privacy
Paper Presentation
Attachment Lecturer & Student
Week 8
14, Nov
Project Presentation Attachment Student

Group: each group has 2 students. Send your group information to TA according to the following format:

Format: the order you wish to present + group members + paper name, e.g.,
“1 + Alice, Bob + Beauty and the Burst: Remote Identification of Encrypted Video Streams”

Student presentation:
1. 2 students as a group
2. chooses paper from the list I provide or from other relevant conferences/ journals
3. Presentations last for 15 mins + Q&A + Discussion
4. Make slides yourself

Paper source:
1. Big 4: USENIXS Security/ NDSS/ ACM CCS/ IEEE Oakland (S&P)

References for projects (Update: 2023.9.26):
1. Wireless communication security
- https://github.com/adamhrv/skylift (wifi定位欺骗)
- https://github.com/crypt0b0y/BLUETOOTH-DOS-ATTACK-SCRIPT (蓝牙DoS攻击)
2. Speech security
- https://github.com/svc-develop-team/so-vits-svc (歌声音色转换)
- https://github.com/yzyouzhang/AIR-ASVspoof (声纹伪造攻击)
3. Video & image security
- https://github.com/Liangwe/AI-Change-face-in-the-video (AI视频换脸)
- https://github.com/Qengineering/Face-Recognition-Raspberry-Pi-64-bits (基于树莓派的人脸识别)

Candidate papers from me (Update: 2023.9.26):
Session 1: Wireless Communication Security
1. Blacktooth: Breaking through the Defense of Bluetooth in Silence, CCS 2022
2. Don't Kick Over the Beehive: Attacks and Security Analysis on Zigbee, CCS 2022
3. Location Heartbleeding: The Rise of Wi-Fi Spoofing Attack Via Geolocation API, CCS 2022
4. Blue's Clues: Practical Discovery of Non-Discoverable Bluetooth Devices, SP 2023
5. From 5G Sniffing to Harvesting Leakages of Privacy-Preserving Messengers, SP 2023
6. PhyAuth: Physical-Layer Message Authentication for ZigBee Networks, USENIX 2023
7. Formal Analysis and Patching of BLE-SC Pairing, USENIX 2023
8. Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues, USENIX 2023
9. Time for Change: How Clocks Break UWB Secure Ranging, USENIX 2023

Session 2: Side Channel
10. When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-based Side Channel and Its Countermeasure, CCS 2022
11. Frequency Throttling Side-Channel Attack, CCS 2022
12. TickTock: Detecting Microphone Eavesdropping Attack Leveraging Electromagnetic Leakage of Clock Signals, CCS 2022
13. StealthyIMU: Stealing Permission-protected Private Information From Smartphone Voice Assistant Using Zero-Permission Sensors, NDSS 2023
14. Uncovering User Interactions on Smartphones via Contactless Wireless Charging Side Channels, SP 2023
15. Side Eye: Characterizing the Limits of POV Acoustic Eavesdropping from Smartphone Cameras with Rolling Shutters and Movable Lenses, SP 2023
16. Eavesdropping Mobile App Activity via Radio-Frequency Energy Harvesting, USENIX 2023
17. LightThief: Your Optical Communication Information is Stolen behind the Wall, USENIX 2023

Session 3: Biometric Security
18. Perception-Aware Attack: Creating Adversarial Music via Reverse-Engineering Human Perception, CCS 2022
19. When Evil Calls: Targeted Adversarial Voice over IP Network, CCS 2022
20. InfoMasker: Preventing Eavesdropping Using Phoneme-Based Noise, NDSS 2023
21. Spoofing Real-world Face Authentication Systems through Optical Synthesis, SP 2023
22. ImU: Physical Impersonating Attack for Face Recognition System with Natural Style Changes, SP 2023
23. SMACK: Semantically Meaningful Adversarial Audio Attack, USENIX 2023
24. Remote Attacks on Speech Recognition Systems Using Sound from Power Supply, USENIX 2023

Session 4: Sensor Security
25. Un-Rocking Drones: Foundations of Acoustic Injection Attacks and Recovery Thereof, NDSS 2023
26. MetaWave: Attacking mmWave Sensing with Meta-material-enhanced Tags, NDSS 2023
27. You Can't See Me: Physical Removal Attacks on LiDAR-based Autonomous Vehicles Driving Frameworks, USENIX 2023
28. mmSpoof: Resilient Spoofing of Automotive Millimeter-wave Radars using Reflect Array, SP 2023
29. mmEcho: A mmWave-based Acoustic Eavesdropping Method, SP 2023

Presentation and Project Schedule(Update: 2023.11.10):
Please find your (gourp's) presentation order in the attchment: Presentation Schedule
Course slides(Update: 2023.11.10):
Lecture 1
Lecture 2
Lecture 3
Lecture 4
Lecture 5
Lecture 6
Lecture 7
Lecture 8
Lecture 9
Lecture 10
Lecture 11
Lecture 12