Scientists develop ways to camouflage heart rate from radar-based surveillance

Researchers at Rice University in Houston, Texas have demonstrated a new technique that can hide – or even fabricate – human heart rate signals from radar-based surveillance systems, raising fresh questions about the growing reach of biometric monitoring technologies and how individuals might defend their privacy.

In a study that frames a near-future but technologically plausible scenario, the research team explored how millimeter-wave radar sensors could be used to remotely track a person’s heart rate without their knowledge.

Such sensors, already embedded in many consumer and industrial devices, can detect subtle bodily motions, including breathing and heartbeat, from a distance. The researchers warn that this capability could be misused to infer stress, fatigue, alertness, or even presence inside a room.

The researchers posited a scenario in a recent study that used a simple narrative device: two characters named “Trudy,” a malicious intruder equipped with radar, and “Alice,” an unsuspecting target.

Through this setup, the researchers demonstrated that millimeter-wave sensing can be used to detect a person’s presence and, by monitoring heart-rate signals, potentially infer stress, fatigue, or other aspects of an individual’s physical or emotional state.

According to the researchers, Trudy’s tools are not science fiction. Off-the-shelf millimeter-wave radars can already detect fine-grained physiological signals and have been shown in prior research to enable eavesdropping, movement tracking, and presence detection.

“We used this scenario to stage a technologically possible use case for a radar-based heart rate monitoring system,” said Dora Zivanovic, a graduate student in the lab of Edward Knightly at Rice, the Sheafor-Lindsay Professor of Electrical and Computer Engineering at Rice.

The goal, Zivanovic explained, was to illustrate both the privacy risks posed by pervasive sensing and the feasibility of technical countermeasures.

To that end, the team developed a defense they call MetaHeart. Instead of merely blocking radar signals, MetaHeart actively deceives them.

The system uses a programmable metasurface – an engineered material that can precisely manipulate electromagnetic waves – to reflect back a fabricated heartbeat pattern. In effect, the radar sees a biometric signal that is not real.

“We fool the radar on the level of the electromagnetic signal itself,” Zivanovic said. “You can program the device with any heartbeat pattern you like.”

In laboratory tests using a 77-gigahertz radar system, MetaHeart successfully spoofed heartbeat inferences with accuracy exceeding 98 percent.

The researchers also demonstrated that the device could create the illusion of human presence when no one was there, a capability that could undermine radar-based occupancy and monitoring systems.

Knightly, the study’s senior author, said the work highlights the urgent need to think seriously about privacy in an era of increasingly powerful sensing technologies.

“Sensing technologies are becoming higher resolution and more pervasive, and concerns around what that means for privacy should be taken seriously,” Knightly said. “It is important to explore potential vulnerabilities and think about how we might address them.”

While the MetaHeart system is currently a research prototype, the study underscores a broader point: as biometric sensing moves beyond wearables and cameras into invisible, radar-based systems, traditional notions of consent and awareness break down.

Unlike cameras or fingerprint readers, millimeter-wave radars can operate silently and at a distance, making it difficult for individuals to know when they are being monitored.

The research was supported by multiple government and industry funders, including the Army Research Office, Intel, Cisco, and the National Science Foundation, as well as through facilities operated for the Department of Energy.

Article Topics

biometric monitoring  |  biometrics research  |  heartbeat biometrics  |  MetaHeart  |  presence detection  |  spoofing