nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Quantifying the Information Leak in IEEE 802.11 Network Discovery

verfasst von : Otto Waltari, Jussi Kangasharju

Erschienen in: Wired/Wireless Internet Communications

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Wi-Fi is often the easiest and most affordable way to get a device connected. When a device connects to any Wi-Fi network its identifier (SSID) is stored in the device. These SSIDs are sometimes intentionally exposed to the outside world during periodic network discovery routines. In this paper we quantify the information leak that is present in the current network discovery protocol. Our collected data shows how common it is for a device to leak information and what can be derived from the names of networks a user has connected to in the past. We introduce a way to measure the uniqueness of an entity, which is based on the set of leaked SSID names. We apply previously proposed methods of MAC address randomization reversal on our data and evaluate entity uniqueness. We show how unique SSID names backfire against attempts to obfuscate user devices. Finally we evaluate an existing alternative network discovery scheme that does not leak information.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel An Anti-jamming Strategy When it Is Unknown Which Receivers Will Face with Smart Interference

Nächstes Kapitel Pairing-Based Cryptography on the Internet of Things: A Feasibility Study

https://wigle.net/.

https://w1.fi/wpa_supplicant/.

https://w1.fi/hostapd/.

Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. IEEE Std 802.11-2012 (Revision of IEEE Std 802.11-2007), pp. 1–2793, March 2012

Barbera, M.V., Epasto, A., Mei, A., Perta, V.C., Stefa, J.: Signals from the crowd: uncovering social relationships through smartphone probes. In: Proceedings of the 2013 Conference on Internet Measurement Conference, IMC 2013, pp. 265–276. ACM, New York (2013). https://doi.org/10.1145/2504730.2504742

Freudiger, J.: How talkative is your mobile device?: an experimental study of Wi-Fi probe requests. In: Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, WiSec 2015, pp. 8:1–8:6. ACM, New York (2015). https://doi.org/10.1145/2766498.2766517

Greenstein, B., McCoy, D., Pang, J., Kohno, T., Seshan, S., Wetherall, D.: Improving wireless privacy with an identifier-free link layer protocol. In: Proceedings of the 6th International Conference on Mobile Systems, Applications, and Services, MobiSys 2008, pp. 40–53. ACM, New York (2008). https://doi.org/10.1145/1378600.1378607

Gruteser, M., Grunwald, D.: Enhancing location privacy in wireless LAN through disposable interface identifiers: a quantitative analysis. In: Proceedings of the 1st ACM International Workshop on Wireless Mobile Applications and Services on WLAN Hotspots, WMASH 2003, pp. 46–55. ACM, New York (2003). https://doi.org/10.1145/941326.941334

Lindqvist, J., et al.: Privacy-preserving 802.11 access-point discovery. In: Proceedings of the Second ACM Conference on Wireless Network Security, WiSec 2009, pp. 123–130. ACM, New York (2009). https://doi.org/10.1145/1514274.1514293

Martin, J., et al.: A study of MAC address randomization in mobile devices and when it fails. arXiv preprint arXiv:1703.02874 (2017)

Matte, C., Cunche, M., Rousseau, F., Vanhoef, M.: Defeating MAC address randomization through timing attacks. In: Proceedings of the 9th ACM Conference on Security & #38; Privacy in Wireless and Mobile Networks, WiSec 2016, pp. 15–20. ACM, New York (2016). https://doi.org/10.1145/2939918.2939930

Pang, J., Greenstein, B., Gummadi, R., Seshan, S., Wetherall, D.: 802.11 user fingerprinting. In: Proceedings of the 13th Annual ACM International Conference on Mobile Computing and Networking, MobiCom 2007, pp. 99–110, ACM, New York (2007). https://doi.org/10.1145/1287853.1287866

10.

Riley, S.: Myth vs. reality: wireless SSIDs, October 2007

11.

Singelée, D., Preneel, B.: Location privacy in wireless personal area networks. In: Proceedings of the 5th ACM Workshop on Wireless Security, WiSe 2006, pp. 11–18. ACM, New York (2006). https://doi.org/10.1145/1161289.1161292

12.

Vanhoef, M., Matte, C., Cunche, M., Cardoso, L.S., Piessens, F.: Why MAC address randomization is not enough: an analysis of Wi-Fi network discovery mechanisms. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, ASIA CCS 2016, pp. 413–424. ACM, New York (2016). https://doi.org/10.1145/2897845.2897883

13.

Waltari, O., Kangasharju, J.: The wireless shark: identifying WiFi devices based on probe fingerprints. In: Proceedings of the First Workshop on Mobile Data, MobiData 2016, pp. 1–6. ACM, New York (2016). https://doi.org/10.1145/2935755.2935757

Titel: Quantifying the Information Leak in IEEE 802.11 Network Discovery
verfasst von: Otto Waltari
Jussi Kangasharju
Verlag: Springer International Publishing
Buch: Wired/Wireless Internet Communications
Print ISBN: 978-3-030-02930-2

Electronic ISBN: 978-3-030-02931-9

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-030-02931-9_17

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"