Metasurface-enabled smart wireless attacks at the physical layer

Abstract Information security is of paramount importance in the modern society, and it is crucial that communication systems are conceived and implemented in order to be inherently resilient in this respect. In current wireless communication systems, some of the most sophisticated attack strategies aim at the physical layer, i.e., at the electromagnetic wave signal carrying the information, but the implied physical interaction with the target inherently leaves traces in the physical environment, which render these attacks typically detectable. However, this may not be the case for future (the 6th generation and beyond) wireless networks, whose current vision relies on the concept of “smart radio environment”, empowered by suitably engineering reflecting devices (also called as metasurfaces) that can manipulate the wave signals in unconventional fashions (e.g., non-specular reflections) and that can be reconfigured at will. These metasurface elements, which should be pervasively deployed and suitably disguised in the indoor and outdoor environment, potentially introduce new vulnerabilities to the physical-layer attacks that should be fully understood and addressed. To this aim, here, we put forward the concept of smart wireless attacks at the physical layer by exploiting the unique capabilities of programmable metasurfaces in the joint manipulations of radio waves and digital information in a wireless scenario. Specifically, we illustrate both passive and active operational modes. In the passive mode, an attacker is capable of eavesdropping and breaking the target wireless information transfer by controlling the programmable metasurface, without radiating any signal actively. In the active mode, an attacker can not only eavesdrop but also furtively falsify the target wireless communications by sending some deceptive information to the target. In both operational modes, the detectability of the attacker can be minimized. As a proof of concept, we design and realize an attacker prototype working in the Wi-Fi band around 2.4GHz, and demonstrate experimentally its ability to hack wireless data streams. Our results raise awareness on the new types of security threats and challenges that the next-generation wireless networks will likely have to face, and indicate that suitable mitigation strategies and specific security protocols need to be conceived and developed at the present stage, while the smart-radio-environment concept is still in its infancy.