Recently, wireless sensing techniques are promising and attractive to retrieve information, such as the user’s identity and activity/gesture, in a non-intrusive and human-centered way (Zhao et al., 2019; Wang and Zheng, 2018; Fan et al., 2018; Wang et al., 2018; Xin et al., 2016; Zeng et al., 2016; Zhang et al., 2016; Wang et al., 2016; Shi et al., 2017; Lv et al., 2017; Pokkunuru et al., 2018). The insight behind wireless sensing is that the RF signal can be distorted by human bodies during its transmission, with the effect of reflection, deflection, penetration, and the like. The wireless sensing enabled applications bring users convenient services, since even the pose (Zhao et al., 2018) and motion (Wang et al., 2019) can be detected and identified in a fine-grained way. Therefore, the users’ behaviors can also be extracted from the RF signals (Wang and Zheng, 2018; Ding et al., 2015; Fan et al., 2018; Li et al., 2016; Wang et al., 2014, 2015).
However, the ability of sensing behaviors result in serious privacy concerns. Recently, Zhu et al. (Zhu et al., 2018) have demonstrated that users’ in-door coarse-grained behavior privacy, e.g., the presence of users, can be sensed by attackers through the WiFi signal analysis. In such cases, if users enjoy the RF-based service provided by a non-trusted service provider (SP), information leakage of their behaviors, sometimes sensitive, occurs. The SP may utilize collected signals to monitor the users and analyze their behaviors while the users are unaware of such surveillance. We argue that this is a severe privacy threat because the SP like attacker can secretly supervise users and speculate about users’ professions, interests and even the users’ password. For example, since 2013 the Carbanak gang has stolen tens of millions of dollars from several banks by hacking their IoT cameras and monitoring the clerks’ operations on the banking system (Kaspersky, 2015).
We define such privacy as behavior privacy in RF signals (RFBP). To achieve RFBP preserving, we aim to design a framework which can be controlled by clients to protect their poses, gestures, and activities in RF-based sensing applications. Meanwhile, the framework should retain RF-based applications’ normal functions as well as their performance, such as authentication, tracking and localization. In this paper, we chose the authentication as the typical and representative function deserving the retaining.
The core functionality of the framework is to filter out behavior features (i.e.
, behavior privacy) from the authentication-oriented data (AOD) while not destroying identity-relevant features. In this way, the behavior privacy-protected AOD can only be used to identify users. To achieve this aim, we should address the following challenges. First, RF signals contain both behavior information and identity information and it is difficult to figure out which part of the RF signal represents the behavior of the user and to filter them out. Second, we must not destroy the identity-relevant feature when excluding users’ behavior information. In this paper, we overcome these challenges by skillfully converting this privacy preserving issue into a pure feature extraction issue. In the new issue, we aim to extract only identity-relevant pure feature while ignoring behavior-relevant feature from AOD. We achieve this goal by devising a novel Siamese network(Chopra et al., 2005) based framework, whose core is RFBP-Net.
Basically, our framework first confirms that behavior privacy is contained in the AOD by using several classic learning models. Then a training set, in which each training sample has two kinds of labels (a behavior label and an identity label), is formed by using a well-designed algorithm. Afterwards, RFBP-Net is trained and all privacy-sufficient samples are processed by RFBP-Net. Finally, our framework utilizes several classic learning models to confirm the validity of the processed data.
In the experiment part, we first used a RFID system to evaluate our framework. Five volunteers were required to write ten different numbers from ‘0’ to ‘9’ in front of a tag array. Thus each signal sample had two labels: an identity label and an activity label. Then the collected signal samples were reconstructed and relabeled so that each training sample had two new labels: a similarity label and an identity label. We tested privacy-preserved data with different learning models and the experiment results demonstrated that by using extracted features, i.e., the processed dataset, the accuracy of activity recognition decreased from 95% to 25% while the accuracy of identity authentication only dropped 5%. In the second experiment, we collected gesture based RF signals with ten volunteers in a WiFi system. Each volunteer posed ten different gestures to represent ten different behaviors. The evaluation results showed that RFBP-Net efficient protected gesture privacy while causing almost zero reduction in the identity authentication accuracy. In extensive experiments, we evaluated our framework with two open datasets Wiar and Widar3.0. The results demonstrated that our framework was significantly efficient at behavior privacy preserving.
In summary, our contributions are threefold:
We first notice that users’ behavior privacy may be filched in RF signal-based applications, and then propose the concept of RFBP.
We propose a novel framework, which aims to protect behavior privacy by using a novel deep model named RFBP-Net.
We built a prototype of RFBP-Net and evaluated our framework with a RFID system and a WiFi system. The experiment results show that RFBP-Net performs well at behavior privacy preserving. The extensive experiments on two open datasets also prove that our framework delivers outstanding performance.
Of the remaining sections of this paper, Section 2 is used to introduce existing related works. Section 3 first introduces the background to RF signal-based user authentication and activity/gesture recognition techniques and then introduces the function of the Siamese network. The methodology is presented in Section 4. All of the experiments and corresponding results are arranged in Section 5, Section 6 and Section 7. In Section 8, we discuss some issues and future works. In Section 9, we conclude this paper.
2. Related Work
In this section, we first introduce some RF signal-based authentication methods and then introduce several RF signal-based activity/gesture recognition systems.
RF signal-based user authentication: a wealth of recent works focused on authentication using RF signals. For user authentication, RF-Mehndi (Zhao et al., 2019) leverages the coupling effect to amplify the variety of signal phase caused by the hand’s impedance while touching. WiPIN (Wang et al., 2018) extracts the body features from WiFi signals after propagating through the human body to authenticate users. FreeSense (Xin et al., 2016) conducts user identification in in-door environments with WiFi signals. WiWho (Zeng et al., 2016), WiFiU(Wang et al., 2016) and WiFi-ID (Zhang et al., 2016) made a authentication scheme that uses users’ walking patterns to identify them.
Our framework is different from existing RF signal-based authentication works. Previous works only focus on the authentication accuracy and user-friendliness instead of privacy protection. However, our framework can identify the identity of the user accurately, but the behavior privacy protection is also guaranteed.
RF signal-based activity/gesture recognition: Activity/gesture recognition techniques are usually achieved by extracting behavior-relevant features from signal indicators in RFID signals or WiFi signals. By using RFID system, TACT (Wang and Zheng, 2018) first model the RF signals’ intrinsic characteristics generated in application scenarios and then recognizes activities based on the model through phase analysis. Likewise, TagFree (Fan et al., 2018), which also uses RFID system as a foundation, recognizes activities by analyzing the signals distorted by multi-path. Li et al. (Li et al., 2016) realize an activity recognition system under the light of deep learning. Through fine-grained signature extraction, E-eyes (Wang et al., 2014) identifies activities in WiFi settings. Wang et al. (Wang et al., 2017) also proposed a activity recognition system using device-free WiFi devices. A survey on WiFi-based activity recognition systems was organized in (Guo et al., 2016).
As distinct from above mentioned related works, our framework aims to hide users’ behavior information rather than to extract and utilize it.
A brief introduction to RF signal-based user authentication and activity/gesture recognition is given in the first and second part of this section. The third part is used to introduce the basic function of the Siamese network.
3.1. RF signal-based user authentication
RF signals such as RFID signals and WiFi signals are ubiquitously employed to authenticate users. The signal indicators utilized for feature extraction are the signals’ RSS and phase. RSS depicts the strength of the signal, the value of RSS varies according to multiple environment variables, e.g., the traveling distance and the electric permittivity of the traveling media. The impedance of the human body, which is a kind of electric characteristic, varies among different individuals. Thus different individuals would cause different strength losses while signals are propagating through their bodies. Hence, RSS can be used for user authentication. The phase of the RF signal is denoted as:
where is the propagation distance. The initial phase and the wavelength are denoted as and , respectively. During traveling and penetrating, is influenced by the motion and thickness of the body tissue accordingly. Therefore, phase is one of the common indicators that can represent the identity features of users.
3.2. RF signal-based activity/gesture recognition
The principle of the activity/gesture recognition is similar to the principle of user authentication, i.e., the common signal indicators used for activity recognition generally are RSS and phase as well. The feasibility behind the activity/gesture recognition is the multi-path effect. The signal’s traveling path is determined not only by linear propagation distance but also by the reflection and refraction caused by human bodies. Once the propagating signal is obstructed by the human body, the propagation path changes, resulting in the changes of signal indicators. Therefore, signal indicators are utilized for activity/gesture recognition.
3.3. Siamese network
The Siamese network is a classical architecture generally used in similarity comparison. The major structure of a Siamese network
is two deep neural networks that share the same weights and architecture. When calculating the similarity between two samples, the inputs of aSiamese network are twofold. For example, two different images can be inputted into the Siamese network
for similarity calculation, two sentences can also be fed into this network to calculate semantic similarity after being transformed as vectors. The outputs of theSiamese network are twofold as well because it has two sub-networks. During training, a particular loss named contrastive loss is calculated to optimize these two sub-networks. After training, one can establish the similarity of two inputs by comparing the similarity of two sub-networks’ outputs. In recent years, the Siamese network has also been used for knowledge distillation and model compression.
We present the framework overview in the first part and build a theoretical model in the second part. The architecture of RFBP-Net is elaborated in the third part. Finally, we introduce the loss functions and the training method of RFBP-Met.
4.1. Framework Overview
In this part, the workflow of our proposed framework is elaborated upon. As shown in Fig. 1, our framework is composed of four modules: source data validation, training set construction, processing via RFBP-Net and feature quality validation.
Source data validation: This module is the first module of our framework. In this module, we should confirm that the source data is both identity feature-sufficient and behavior feature-sufficient. First, the collected source signal (i.e. source data) should be processed so that all the signal samples have the same dimension, e.g. the dimension of
in our RFID experiment. Afterwards, several classic machine/deep learning algorithms/models are selected to classify these signal samples. If the recognition accuracies of identity and behavior are both high, e.g., larger than 80%, we confirm that the source data is valid and needs to be processed by RFBP-Net.
Training set construction: After confirming that the source data is valid, the training set needs to be constructed. This module also contains two steps. In the first step, special signal samples are randomly selected. In the second step, these randomly selected signal samples are re-labeled and constructed as training samples. These two steps are combined together as an algorithm described in a following part.
Processing via RFBP-Net: This module is the core of our framework and contains three steps. First, since RFBP-Net is a deep model which has special architecture and loss functions, some parameters, e.g., the size of the output feature, need to be set before training. Then, RFBP-Net is trained by using the training set and parameters set in the first step. At last, all signal samples in the source data are fed into the well-trained RFBP-Net to get behavior-irrelevant feature vectors.
Feature quality validation: This module evaluates the quality of the extracted feature, which is extracted from the previous module. This module first selects a suitable algorithm or model to evaluate the feature’s quality. Next, due to the fact that our goal is to extract the feature which only contains the identity-relevant feature, it is essential to confirm that the extracted feature can only be used for accurate identity authentication..
4.2. Theoretical model
Each signal sample is composed of three components:
is the traveling function of the transmitted signals determined by the traveling multi-path in the environment. represents the signal component that contains the identity-relevant feature. represents the signal component that contains the behavior-relevant feature. is the noise component which should be discarded during feature extraction.
Firstly, the identity-relevant component should be extracted from . The related function, , can be represented by:
where are the parameters that need to be calculated. Afterwards, we need another function to refine so that the output , i.e., the identity-relevant feature can be as pure as possible:
where are the parameters that need to be calculated as well.
In our framework, RFBP-Net realizes both functions of and . By optimizing the model with contrastive loss, the parameters are calculated automatically. Likewise, the parameters are calculated by optimizing the model with identity loss.
4.3. The architecture of RFBP-Net
The architecture of RFBP-Net is shown in Fig. 2. The inputs of this model are twofold, i.e., two samples are fed into the model simultaneously. We assume that the RF signal collected to authenticate users also contains behavior privacy. The goal of RFBP-Net is to extract the pure feature that can be used for user authentication while only meagre behavior-relevant feature is contained in the pure feature.
To achieve this goal, RFBP-Net employs a CNN-based deep model as the feature extractor of the Siamese network
. Specifically, the feature extractor contains three convolutional layers and two fully connected layers. We add a batch normalization function(Wang et al., 2020)2019) behind each convolutional layer. The first fully connected layer is followed by a Sigmoid activation function (Lee, 2014). In order not to impact the feature representation ability of the feature extractor’s output, we do not add any activation function behind the last fully connected layer. The feature extractor is followed by two branches: the first one for contrastive loss-based optimization and the second one for identity loss
-based optimization. The second branch is composed of two fully connected layers and each fully connected layer is followed by a Sigmoid function(Lee, 2014).
4.4. Training set
Training set is crucial for a deep learning model. In our framework, RFBP-Net aims to leverage the knowledge distillation ability of the Siamese network to extract specific features. However, The realization of knowledge distillation relies on the basic function of the Siamese network: calculating the similarity between two inputs. Hence, we reconstruct the signal samples and re-label them. In detail, because each signal sample has two labels: an identity label and a behavior label, our framework reorganizes the samples by combining two signal sample into one training sample and labeling this training sample based on two rules: 1) A training sample sets ‘0’ as its similarity label if two signal samples in this training sample belong to the same user but different activities. By contrast, the similarity label of the training sample is ‘1’ if the two signal samples of this training sample belong to different users but the same behavior. 2) If the similarity label of the training sample is ‘0’, its second label is set as the corresponding identity label. Otherwise, the second label is set as ‘-1’.
In particular, as described in Alg. 1, we form the training set by randomly sampling from signal samples. One signal sample is randomly selected from all signal samples first, then another signal sample is selected in the same way. Afterwards, those two randomly selected signal samples are organized together to form one training sample based on the aforementioned rules.
4.5. Loss functions
Recalling that each training sample contains two different labels: a similarity label and an identity label, two different loss functions are thus utilized to optimize RFBP-Net. Specifically, the contrastive loss can be denoted as:
In this formula, is the similarity label, and is the Euclidean distance of two inputs which belong to the same training sample. Moreover, is empirically set as 3. If we denote and as two inputted signal samples, the Euclidean distance can be represented as:
In order to improve the ability of the identity-relevant feature extraction of RFBP-Net, we introduce the identity loss into the optimization step. In detail, RFBP-Net utilizes cross entropy loss (Nar et al., 2019) to calculate the identity loss. The loss function can be denoted by:
in which is the indication variable,
is the probability that targeting sample belongs to classand is the number of classes.
4.6. Objective and training
Ultimately, the final loss of the optimization objective can be represented by:
During training, training samples are divided into batches and fed into the model. The number of training periods is set as . Empirically, as default, , and are respectively set as 1000, 10 and 200. In order to fit the special requirements of the performance in some special scenarios (e.g., a high-level protection of RFBP is in demand yet the requirement for user recognition accuracy is not acute), a ratio trade-off between the identity-relevant feature and the behavior-relevant feature can be adjusted by altering based on the requirement of the specific application scenario.
5. Evaluation with RFID
In order to evaluate the performance of our framework with RFID signals, we conducted experiments with five volunteers and collected over 4000 signal samples. The ages the of volunteers varied from 21 to 31 and the heights of them varied from 165 to 188 centimeters (2 females and 3 males).
Hardware: The reader used for signal modulation and demodulation was a COTs reader whose type was Impiji R420. It was connected with a commercial one-dimensional Larid A9028 antenna. We build a tag array with size . The type of the tags was Alien-9629.
Software: We used Visual Studio and C# to control the transmission and receiving procedure of the RFID system. To avoid transmission collision, we employed standard frame-based slot-ALOHA protocol to arrange the response time of each tag. The signal processing was completed by using MATLAB. The feature extraction model was built through the standard deep learning framework Pytorch and hence the code was programmed in Python language in Eclipse. Likewise, the feature quality evaluation was achieved by using Python language as well.
Experiment setup: As shown in Fig. 3(a), we employed a commercial RFID system for the transmission and receiving of RF signals. Volunteers were asked to write ten numbers, as shown in Fig. 3(b), to represent ten activities. The white arrow on the number is the start point of writing and the direction of the arrow is the writing direction.
Data preprocessing: The received signal samples, which were time-series data originally, need to be processed to have a regular shape. In our experiments, RSS values and phase values are first formed as value array and then 30 value arrays are piled together to form a 3-dimensional signal sample which has the dimension of .
5.1. Validity of source data
In this part, the signal samples that need to be processed by RFBP-Net are termed as source data. Before evaluating the performance of our framework, the validity of source data needs to be verified, i.e., it is vital to prove that sufficient identity-relevant features and activity-relevant features are contained in the source data
. We first trained five learning models: k-nearest neighbours (KNN), naive Bayes (NB), support vector machine (SVM), normal neural network with two fully-connected layers (NN) and convolutional neural network (CNN). Then we tested them withsource data. Specially, when training the first five learning models, we normalized the source data via min-max-normalization, which can be represented by:
In this formula, the original attribute value and normalized attribute value are denoted as and respectively. and mean the minimal attribute value and the maximal attribute value in all training samples. The experiment results are shown in Table 1, from which one can find that by using KNN, NN or CNN, the authentication accuracy of user identity is larger than 98.90%. By contrast, NB, SVM, and DT perform relatively worse. As for the accuracy of activity recognition, both CNN and KNN achieve 94.74%, yet CNN is more compatible for constructing a deep model i.e., the Siamese network. Based on the above experiment results, two conclusions can be reached, summarized as: 1) It is apparent that sufficient identity-relevant features and activity-relevant features can be provided by source data for accurate identity authentication and activity recognition. 2) CNN is qualified to be employed as the fundamental architecture of our deep model.
|K-Nearest Neighbours||Naive Bayes||Support Vector Machine||Decision Tree||Neural Network||CNN|
|Recognition Goal||K-Nearest Neighbours||Naive Bayes||Support Vector Machine||Decision Tree||Neural Nnetwork|
Therefore, those two conclusions confirm the rationality of the design of our Siamese network-based deep model.
5.2. Learning model selection for feature quality evaluation
Only using one learning model is insufficient to demonstrate that extracted features are activity-privacy-irrelevant while yielding high authentication accuracies of user identity. Therefore, as shown in Table 2, we use five learning models to evaluate the feature quality. The default hyper-parameters , feature size (i.e., the number of the elements in the extracted feature vector), and size of training set (i.e., the number of the training samples) are 0.5, 64 and 1000 respectively. The reason that CNN is discarded is that the shape of the extracted feature vector is a 1-dimensional vector, which is not compatible for 2-dimensional convolution. Table 2 shows that KNN and NN retain an excellent performance on identity authentication compared with other learning models. Though the recognition accuracy of identity drops almost 5% by using NN, the reduction of the activity recognition accuracy is far larger than 5%, i.e., the accuracy of activity recognition drops over 70%. Ultimately, two conclusions can be reached according the experiment results: 1) The proposed deep model is qualified to extract high-quality features that can be utilized for accurate user authentication while protecting activity privacy. 2) It is reasonable to employ NN for feature quality evaluation.
Thus the criteria for judging whether the extracted feature vector is high-quality is: the higher the accuracy of identity authentication, and the lower the accuracy of activity recognition, the higher quality the extracted features . Moreover, NN is used to evaluate the feature quality in all the remaining extensive experiments due to its outstanding recognition capability compared with the other four learning models.
5.3. Effect of training set size
The volume (i.e., size) of the training set is one of the significant factors that directly influences the quality of the extracted features. It is worth noting that Siamese network is qualified to perform well even with a small training set. In order to guarantee that the only variable is the size of the training set. we first randomly selected 1000 training samples as the fundamental training set and conducted all the experiments with the subsets of the fundamental training set.
We varied the size of the training sets from 100 to 1000. The experiment results are shown in Fig. 4(a). The results demonstrate that when the value of the horizontal axis is smaller than 7, with the increase of the size of the training set, the identity authentication accuracy keeps increasing and the activity recognition accuracy remains relatively stable (around 25%). Furthermore, when the size of the training set continues increasing, the accuracy of activity recognition starts decreasing (deceasing to 20% approximately). Afterwards, the accuracy of activity recognition rebounds to 25% approximately, while the accuracy of identity authentication achieves 98%.
Though both the identity authentication accuracy curve and the activity recognition accuracy curve become flat when the training set size is larger than 600, in order to guarantee that the extensive experiments were not influenced by the training set size and the training samples were sufficient for model training, we fixed the size of the training set as 1000 in the following experiments.
5.4. Effect of the hyper-parameter
In this experiment, we hypothesized that the hyper-parameter was related to the trade-off between the recognition accuracy of activity and the authentication accuracy of identity. In order to validate our hypothesis, we varied
from 0.1 to 0.9 with a stride of 0.1. The experiment results in Fig.4(b) show that when approximates 0.5, the identity authentication accuracy is significantly high and the activity recognition accuracy is low. Yet, when is too small or too large, the feature quality does not meet our expectation, e.g., still high identity authentication accuracy and low activity recognition accuracy with no trade-off in between.
5.5. Effect of feature size
In order to explore whether the change of the extracted feature size (the number of elements in the feature vector) affects the performance of RFBP-Net, we respectively set the feature size as 32, 64, 128, 256 and 512 to estimate the feature quality. The experiment result shown in Fig.4(c) demonstrates that with the increase of the feature size, both kinds of accuracies first increase and then decrease. Two curves reach respective peaks when the size of the feature vector is 128. This regularity of variation coincides with the variation regularity in Fig. 4(c). Besides, though the identity authentication accuracy reaches a maximum (96.13%) when the feature size is 128, the activity recognition achieves its peak (24.01%) as well. Thus, 128 is not the best choice for feature extraction. It can be noticed that at 64 (horizontal axis), the accuracies of identity authentication and activity recognition are 95.63% and 22.62% respectively, where the absolute value of the accuracy difference reaches the maximum. Therefore, it is reasonable that we set 64 as the default of feature size.
|Status||Ran. Gue.||Original Dataset||RFBP-Net|
5.6. Evaluation with well-selected parameters
Following the evaluation results above, we set the size of the training set, the hyper-parameter and the size of the extracted feature vector as 1000, 0.7 and 64 respectively because RFBP-Net could achieve the best performance under this condition in this experiment. The confusion matrix of identity authentication is shown in Fig. 5 , where one can see that the identity-relevant feature is effectively retained because the colors on the diagonal are significantly deeper than surrounding colors. Meanwhile, the activity-relevant feature is effectively reduced because the activity recognition accuracy drops more than 72%..
5.7. Comparison with random guess
Since we are the first to propose the concept of RFBP and also the first to solve the RFBP preserving issue in AOD, there is no related work that can be used for comparison. However, we can compare the authentication accuracy and recognition accuracy of RFBP-Net with a random guess to show the superiority of RFBP-Net. The comparison results are shown in Table 3. The results demonstrate that the privacy-preserved dataset, i.e., the dataset processed by RFBP-Net, provides equally identity authentication accuracy as the original dataset and as low activity recognition accuracy as a random guess. Thus, RFBP-Net is effective in activity privacy preserving.
6. Evaluation with WiFi
In order to evaluate the performance of RFBP-Net with WiFi signal, we conducted experiments with ten volunteers and collected over 29000 signal samples. The ages of volunteers varied from 22 to 35 and the their heights varied from 160 to 188 centimeters (2 females and 8 males).
Hardware: we used a transmitter which had three antennas to emit WiFi signals. A router which also has three antennas was employed as the receiver. The router was made by TPLink and the type was WDR7500-V3. Each transceiver was equipped with an Atheros Chip whose type was AR9500.
Software: we use Linux operation system to collect WiFi signals. We used an off-the-shelf Linux CSI tool (Halperin et al., 2011) to measure the CSI of WiFi signals. The transmission rate was 100 packets per second and we used 56 sub-channels. The collected raw data was first processed by MATLAB using Butterworth filter. Then the filtered signal was segmented via Python and ECLIPSE. Finally, the architecture of RFBP-Net was coded by Pytorch. The model was trained also by using ECLIPSE.
Experiment setup: as shown in Fig. 6(a), the transmitter was placed two meters away from the receiver. While posing the gestures shown in Fig. 6(b), the volunteer was standing in between. Both the transmitter and the receiver were placed on wooden cabinets, whose top surfaces were 80 centimeters off the ground. In this way, the main path of the WiFi signal could approximately pass through the volunteer’s hand.
Data preprocessing: after raw WiFi signal collection, we filtered raw data with a 5th-order low pass Butterworth filter with a cutoff frequency of 0.1HZ. Afterwards, we segmented the time-series data of each gesture of each volunteer so that each signal sample had the dimension . The first dimension 504 is 56 sub-channels 3 transmission antennas 3 receiving antennas. The second dimension 10 is 10 time stamps.
6.1. Validity of source data
As shown in Table 4, we separately trained KNN, NB, SVM, DT, NN and CNN by using 75% source signal samples and tested with 25% source signal samples. The columns from Sub.1 to Sub.10 mean the gesture recognition accuracy of ten different volunteers. Avg. Acc. means the average gesture recognition accuracy of these ten volunteers. ID means the identity authentication accuracy. Since the gesture recognition accuracy of WiFi is highly related to the domain of experiment components (Zheng et al., 2019), we classified the gestures of each subject (volunteer) one by one rather than all the subjects together. As can be seen from the results, all the average accuracies of gesture recognition are higher than 73% and all the identity authentication accuracies are higher than 97%. In NN and CNN, both kinds of accuracy are even higher than 93%. These results demonstrate that the source data is both identity feature-sufficient and gesture feature-sufficient. Moreover, CNN is an outstanding choice as the basic architecture of Siamese network. Thus in the following evaluation part, we use CNN to construct the Siamese network.
6.2. Learning model selection for feature quality evaluation
After training set construction, we first set the training set size, and feature size as 1000, 0.5 and 64, respectively. Then we trained KNN, NB, SVM, DT and NN and displayed the results in Table 5. From the column of Avg. Acc. one can find that by using the extracted feature, the average gesture recognition accuracies of all learning models have dropped lower than 20%. Meanwhile, the identity authentication accuracies of all learning models are higher than 98%. To our surprise, the identity authentication accuracy of DT even increases by 1.84%. Since NN shows the highest gesture recognition, we use NN to evaluate the feature quality in the following parts.
6.3. Effect of training set size
In a similar way to the RFID evaluation method, we set the number of training samples from 100 to 1000 with a stride of 100 to explore the effect of the training set size. The randomness of the training set would introduce extra variables, which would blur the accuracy variation caused by the training set size. Thus, we only constructed the training set once and use it in this and all following experiments. The experiment results are shown in Fig. 7. The top curve, middle curve and bottom curve represent identity authentication accuracy, accuracy difference and gesture recognition accuracy, respectively. When the number of training samples is smaller than 500, three curves have positive gradients. After 500, these three curve become flat. Thus, 500 training samples are sufficient for WiFi-based RFBP-Net training. In order to guarantee that RFBP-Net is training by using sufficient training samples, we set the training set size as 1000 in the following experiments.
6.4. Effect of the hyper-parameter
We varied from 0.0 to 1.0 with the a of 0.1 and displayed the experiment results in Fig. 8(a). When is in the interval of , different s produce a similar identity authentication accuracy and similar average accuracy of gesture recognition. When is 0.0, i.e., contrastive loss is zero, though the identity authentication accuracy is larger than 99%, the gesture recognition accuracies are also significant high. Some gesture recognition accuracies are even higher than 40%. This means that the extracted feature is still highly gesture feature-sufficient. When is 1.0, i.e., identity loss has no contribution, the average accuracy of gesture recognition remains lower than 20%. However, the identity authentication accuracy drops a lot, i.e., by approximately 10%. We can draw two conclusions from this experiment. 1) No matter how small is, as long as it is larger than 0.0, RFBP-Net can learn outstanding privacy-preserving ability. 2) During training, contrastive loss dominates the optimization procedure. Because even when identity loss is zero, the identity authentication accuracy is still higher than 85%. But behavior privacy is not well protected when contrastively loss is zero.
We consider 0.8 to be the best value of since the related accuracy difference is the highest one.
6.5. Effect of feature size
In a similar way to the RFID experiment, we tried five different feature sizes: 32, 64, 128, 256 and 512. The experiment results in Fig. 8(b) show that both kinds of accuracy decrease with the increase in feature size when feature size is larger than 64. When feature size is 512, both kinds of features are destroyed by RFBP-Net. Due to the fact that the overall average accuracy of gesture recognition is approximately 18% when feature size is smaller than 512, we consider 128 to be the best choice because the related identity authentication accuracy is the highest one.
6.6. Effect of activation function
Since we think that most of the activation functions would impact the representation ability of extracted features, we did not add activation function before the output layer of RFBP-Net. In order to validate our hypothesis, we tested seven different activation functions in Fig. 8(c): Sigmoid (Lee, 2014), Tanh (Abdelouahab et al., 2017), ReLU (Pretorius et al., 2019), Softplus (Liu and Furber, 2016), LeakyReLu (Zhang et al., 2017), ELU (Clevert et al., 2016) and PReLU (Ozawa et al., 2019). The results show that by using Sigmoid and Tanh, both kinds of accuracies become significantly low. The identity authentication accuracy is even lower than 10%. Though behavior privacy is well protected in most of the activation functions, corresponding identity-relevant features are simultaneously destroyed. Despite the PReLU function, all the identity authentication accuracies are lower than 90%. This phenomenon demonstrates that the majority of activation functions do diminish the representation ability of extracted features.
6.7. Evaluation with well-selected parameters
According to the experiment results above, in this experiment we set training set size, and feature size as 1000, 0.8 ad 128, respectively. The confusion matrix of identity authentication is shown in Fig. 9. The colors on the diagonal are deeper than the surrounding colors, which demonstrates that the identity-relevant feature is well retained. By contrast, the gesture recognition accuracy drops approximately 81%, which means our framework protects behavior privacy effectively.
|Status||Ran. Gue.||Original Dataset||RFBP-Net|
|Status||Subject 1||Subject 2||Subject 3||Subject 4||Subject 5||Average Accuracy||Identity|
|Status||Subject 1||Subject 2||Subject 3||Subject 4||Subject 5||Subject 6||Subject 7||Average Accuracy||Identity|
6.8. Comparison with random guess
In a similar way to the RFID experiment, there is no related WiFi-based previous work that can be referenced for comparison. Thus, we compare RFBP-Net with a random guess in Table 6. It can seen that after processing by RFBP-Net, the gesture recognition accuracy approximates a random guess, yet the identity authentication accuracy is still as high as the original dataset.
7. Evaluation with open dataset
7.1. Experiment with Wiar
Wiar contains the WiFi signal data of ten volunteers and 16 activities. We used 2601 samples of 16 activities of five volunteers because the activity recognition accuracies of the remaining five volunteers were relatively low. The experiment results are displayed in Table 7. In the first column, ‘Original’ means the highest accuracy the authors of (Guo et al., 2019) provided. ‘Unpressed’ means the accuracy achieved by using our CNN. ‘RFBP-Net’ means the accuracy of the data processed by RFBP-Net. The results show that RFBP-Net only causes an identity authentication accuracy reduction of 0.21% but protects activity privacy significantly well.
7.2. Experiment with Widar3.0
Widar3.0 is an open WiFi dataset published for gesture recognition study. Since Widar3.0 is a cross-domain dataset, we only used 261 samples of 6 gestures of 7 volunteers distributed in one domain. Since the number of samples is not large enough for deep learning, we use KNN, which shows best performance in NB-KNN-SVM-DT, to classify samples. The experiment results are shown in Table 8. As distinct from the negligible identity authentication accuracy reduction in Wiar, RFBP-Net causes a 15.23% reduction in Widar3.0. This makes sense. since the dataset size of Wiar is ten times that of Widar3.0, which makes RFBP-Net stunted when we trained RFBP-Net with Widar3.0. However, the accuracies of gesture recognition drop a lot, which demonstrates that RFBP-Net still performs well in the gesture privacy preserving of Widar3.0.
8. Discussion and Future Work
In this section, we present two future works and a vital observation.
First, in this paper, though we only utilize learning models to evaluate framework without mathematical formulas derivation, we believe that the successful experiments on five classic models (i.e. NB, KNN, SVM, DT and NN), a deep model (i.e., CNN) and two open datasets (i.e., Wiar and Widar3.0) are more than enough to guarantee the validity of our framework. We will explore the formulas derivation in the future.
Moreover, since RFBP preserving issue is different from other currently well-studied privacy-preserving issues, e.g., differential privacy preserving (Ji et al., 2014), we did not use the mathematical analysis methods of other issues to analyze RFBP preserving issue. It is potential that the solutions used to protect other categories of privacy can also be leveraged to protect RFBP. We will explore this possibility in the future.
Finally, it is feasible that we only invited ten volunteers (i.e., subjects) to participate in our signal collection, because we found that more volunteers would yield better performance. The regression results are shown in Fig. 10. The identity authentication accuracy of privacy-protected data increases when the number of subject increases. Meanwhile, with the increase of subject number, the reduction of identity authentication accuracy becomes smaller. Thus, we believe that RFBP-Net can perform well when the subject number is huge. .
In this paper, we first defined the concept of behavior privacy in RF signal and then expressed concerns over the privacy leakage. In order to preserve RFBP in wireless human-centered applications, we propose a novel framework, whose core is RFBP-Net, for behavior-irrelevant feature extraction in user authentication system. RFBP-Net leverages a Siamese network-based novel architecture to extract pure which can only be used for accurate identity authentication. The experiment results on a RFID system and a WiFi system showed that our framework can yield a behavior recognition accuracy of , trading with reduction in identity authentication accuracy. The results of the extensive experiments on two open datasets also showed that our framework can protect behavior privacy efficiently while causing negligible reduction in identity authentication accuracy.
- Abdelouahab et al. (2017) Kamel Abdelouahab, Maxime Pelcat, and François Berry. 2017. Why TanH is a Hardware Friendly Activation Function for CNNs. In Proceedings of the 11th International Conference on Distributed Smart Cameras. 199–201.
- Chopra et al. (2005) Sumit Chopra, Raia Hadsell, and Yann LeCun. 2005. Learning a Similarity Metric Discriminatively, with Application to Face Verification. In
- Clevert et al. (2016) Djork-Arné Clevert, Thomas Unterthiner, and Sepp Hochreiter. 2016. Fast and Accurate Deep Network Learning by Exponential Linear Units (ELUs). In 4th International Conference on Learning Representations, ICLR.
- Ding et al. (2015) Han Ding, Longfei Shangguan, Zheng Yang, Jinsong Han, Zimu Zhou, Panlong Yang, Wei Xi, and Jizhong Zhao. 2015. FEMO: A Platform for Free-weight Exercise Monitoring with RFIDs. In Proceedings of the 13th ACM Conference on Embedded Networked Sensor Systems, SenSys. 141–154.
- Fan et al. (2018) Xiaoyi Fan, Wei Gong, and Jiangchuan Liu. 2018. TagFree Activity Identification with RFIDs. IMWUT 2, 1 (2018), 7:1–7:23.
- Guo et al. (2019) Linlin Guo, Silu Guo, Lei Wang, Chuang Lin, Jialin Liu, Bingxian Lu, Jian Fang, Zhonghao Liu, Zeyang Shan, and Jingwen Yang. 2019. Wiar: A Public Dataset for Wifi-Based Activity Recognition. IEEE Access 7 (2019), 154935–154945.
- Guo et al. (2016) Linlin Guo, Lei Wang, Jialin Liu, and Wei Zhou. 2016. A Survey on motion detection using WiFi signals. In Proc. of IEEE MSN.
- Halperin et al. (2011) Daniel Halperin, Wenjun Hu, Anmol Sheth, and David Wetherall. 2011. Tool release: gathering 802.11n traces with channel state information. Computer Communication Review 41, 1 (2011), 53.
- Ji et al. (2014) Zhanglong Ji, Zachary Chase Lipton, and Charles Elkan. 2014. Differential Privacy and Machine Learning: a Survey and Review. CoRR abs/1412.7584 (2014).
- Kaspersky (2015) Kaspersky. 2015. The Great Bank Robbery: Carbanak cybergang steals $1bn from 100 financial institutions worldwide. https://www.kaspersky.com/about/press-releases/2015_the-great-bank-robbery-carbanak-cybergang-steals--1bn-from-100-financial-institutions-worldwide.
- Lee (2014) Sang-Wha Lee. 2014. Optimisation of the cascade correlation algorithm to solve the two-spiral problem by using CosGauss and Sigmoid activation functions. IJIIDS 8, 2 (2014), 97–115.
- Li et al. (2016) Xinyu Li, Yanyi Zhang, Ivan Marsic, Aleksandra Sarcevic, and Randall S. Burd. 2016. Deep Learning for RFID-Based Activity Recognition. In Proceedings of the 14th ACM Conference on Embedded Network Sensor Systems, SenSys. 164–175.
- Liu and Furber (2016) Qian Liu and Steve B. Furber. 2016. Noisy Softplus: A Biology Inspired Activation Function. In Neural Information Processing - 23rd International Conference, ICONIP. 405–412.
- Lv et al. (2017) Jiguang Lv, Wu Yang, Dapeng Man, Xiaojiang Du, Miao Yu, and Mohsen Guizani. 2017. Wii: Device-Free Passive Identity Identification via WiFi Signals. In IEEE Global Communications Conference, GLOBECOM. 1–6.
- Nar et al. (2019) Kacol Nar, Orhan Ocal, S. Shankar Sastry, and Kannan Ramchandran. 2019. Cross-Entropy Loss and Low-Rank Features Have Responsibility for Adversarial Examples. CoRR abs/1901.08360 (2019).
- Ozawa et al. (2019) Kazuya Ozawa, Kaito Isogai, Toshihiro Tachibana, Hideo Nakano, and Hideaki Okazaki. 2019. A Multiplication by a Neural Network (NN) with Power Activations and a Polynomial Enclosure for a NN with PReLUs. In 62nd IEEE International Midwest Symposium on Circuits and Systems, MWSCAS. 323–326.
- Pokkunuru et al. (2018) Akarsh Pokkunuru, Kalvik Jakkala, Arupjyoti Bhuyan, Pu Wang, and Zhi Sun. 2018. NeuralWave: Gait-Based User Identification Through Commodity WiFi and Deep Learning. In IECON - 44th Annual Conference of the IEEE Industrial Electronics Society. 758–765. https://doi.org/10.1109/IECON.2018.8591820
et al. (2019)
Arnold M. Pretorius,
Etienne Barnard, and Marelie H. Davel.
ReLU and sigmoidal activation functions. In
Proceedings of the South African Forum for Artificial Intelligence Research. 37–48.
- Shi et al. (2017) Cong Shi, Jian Liu, Hongbo Liu, and Yingying Chen. 2017. Smart User Authentication through Actuation of Daily Activities Leveraging WiFi-enabled IoT. In Proceedings of the 18th ACM International Symposium on Mobile Ad Hoc Networking and Computing. 5:1–5:10.
- Wang et al. (2018) Fei Wang, Jinsong Han, Ziyi Dai, Han Ding, and Dong Huang. 2018. WiPIN: Operation-free Person Identification using WiFi Signals. CoRR abs/1810.04106 (2018). arXiv:1810.04106 http://arxiv.org/abs/1810.04106
- Wang et al. (2019) Fei Wang, Sanping Zhou, Stanislav Panev, Jinsong Han, and Dong Huang. 2019. Person-in-WiFi: Fine-grained Person Perception using WiFi. CoRR abs/1904.00276 (2019). arXiv:1904.00276 http://arxiv.org/abs/1904.00276
- Wang et al. (2020) Shuihua Wang, Khan Muhammad, Jin Hong, Arun Kumar Sangaiah, and Yudong Zhang. 2020. Alcoholism identification via convolutional neural network based on parametric ReLU, dropout, and batch normalization. Neural Computing and Applications 32, 3 (2020), 665–680.
- Wang et al. (2016) Wei Wang, Alex X. Liu, and Muhammad Shahzad. 2016. Gait recognition using wifi signals. In Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing. 363–373.
- Wang et al. (2015) Wei Wang, Alex X Liu, Muhammad Shahzad, Kang Ling, and Sanglu Lu. 2015. Understanding and Modeling of WiFi Signal Based Human Activity Recognition. (2015), 65–76.
- Wang et al. (2017) Wei Wang, Alex X Liu, Muhammad Shahzad, Kang Ling, and Sanglu Lu. 2017. Device-Free Human Activity Recognition Using Commercial WiFi Devices. IEEE Journal on Selected Areas in Communications 35, 5 (2017), 1118–1131.
- Wang et al. (2014) Yan Wang, Jian Liu, Yingying Chen, Marco Gruteser, Jie Yang, and Hongbo Liu. 2014. E-eyes: device-free location-oriented activity identification using fine-grained WiFi signatures. (2014), 617–628.
- Wang and Zheng (2018) Yanwen Wang and Yuanqing Zheng. 2018. Modeling RFID Signal Reflection for Contact-free Activity Recognition. IMWUT 2, 4 (2018), 193:1–193:22.
- Xin et al. (2016) Tong Xin, Bin Guo, Zhu Wang, Mingyang Li, Zhiwen Yu, and Xingshe Zhou. 2016. FreeSense: Indoor Human Identification with Wi-Fi Signals. In 2016 IEEE Global Communications Conference, GLOBECOM. 1–7.
- Zeng et al. (2016) Yunze Zeng, Parth H. Pathak, and Prasant Mohapatra. 2016. WiWho: WiFi-Based Person Identification in Smart Spaces. In 15th ACM/IEEE International Conference on Information Processing in Sensor Networks, IPSN. 4:1–4:12.
- Zhang et al. (2016) Jin Zhang, Bo Wei, Wen Hu, and Salil S. Kanhere. 2016. WiFi-ID: Human Identification Using WiFi Signal. In International Conference on Distributed Computing in Sensor Systems, DCOSS. 75–82.
- Zhang et al. (2017) Xiaohu Zhang, Yuexian Zou, and Wei Shi. 2017. Dilated convolution neural network with LeakyReLU for environmental sound classification. In 22nd International Conference on Digital Signal Processing, DSP. 1–5.
- Zhao et al. (2019) Cui Zhao, Zhenjiang Li, Ting Liu, Han Ding, Jinsong Han, Wei Xi, and Ruowei Gui. 2019. RF-Mehndi: A Fingertip Profiled RF Identifier. In 2019 IEEE Conference on Computer Communications, INFOCOM. 1513–1521.
Zhao et al. (2018)
Mingmin Zhao, Tianhong
Li, Mohammad Abu Alsheikh, Yonglong
Tian, Hang Zhao, Antonio Torralba, and
Dina Katabi. 2018.
Through-Wall Human Pose Estimation Using Radio Signals. In2018 IEEE Conference on Computer Vision and Pattern Recognition, CVPR. 7356–7365.
- Zheng et al. (2019) Yue Zheng, Yi Zhang, Kun Qian, Guidong Zhang, Yunhao Liu, Chenshu Wu, and Zheng Yang. 2019. Zero-Effort Cross-Domain Gesture Recognition with Wi-Fi. In Proceedings of the 17th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys. 313–325.
- Zhu et al. (2018) Yanzi Zhu, Zhujun Xiao, Yuxin Chen, Zhijing Li, Max Liu, Ben Y. Zhao, and Haitao Zheng. 2018. Adversarial WiFi Sensing. CoRR abs/1810.10109 (2018).