PhantomMotion: Laser-Based Motion Injection Attacks on Wireless Security Surveillance Systems
Yan He
Network and Distributed System Security (NDSS) Symposium 2026 · Day 2 · Wireless Security
Yan He from the University of Oklahoma presents PhantomMotion, a novel attack that uses lasers to inject fake motion events into wireless security cameras, exploiting the passive infrared (PIR) motion sensors that trigger recording in battery-powered cameras. By heating a surface within the camera's detection zone to approximately **37 degrees Celsius** (simulating human body temperature), a laser can trick the camera into recording empty footage. When repeated rapidly, the attack serves as both a **denial-of-service** (draining battery-powered cameras from 60 days to under 3 hours of battery life) and a **cry-wolf attack** (flooding the user with hundreds of false alarms, causing them to ignore real intrusions). The researchers tested 15 cameras and 3 security systems with a **100% success rate** and demonstrated a remote attack at **120 meters** distance. The attack can also be used defensively to detect and disable hidden cameras in spaces like hotel rooms and Airbnbs.
AI review
A practical physical-layer attack that reliably disables wireless security cameras by exploiting PIR motion sensor physics. The 100% success rate across 15 cameras, battery drain from 60 days to 3 hours, and 120-meter range make this operationally useful. Clean engineering but the underlying insight (lasers produce heat, PIR sensors detect heat) is not deeply novel.