Performing traffic analysis on a wireless identifier-free link layer

Authors:
Kevin Bauer;Damon McCoy;Ben Greenstein;Dirk Grunwald;Douglas Sicker
Affiliations:
University of Colorado;University of Colorado;Intel Research Seattle;University of Colorado;University of Colorado
Venue:
The Fifth Richard Tapia Celebration of Diversity in Computing Conference: Intellect, Initiatives, Insight, and Innovations
Year:
2009

Citing 11
Cited 0

Information Retrieval

Information Retrieval
Statistical Identification of Encrypted Web Browsing Traffic

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Measurement-based models of delivery and interference in static wireless networks

Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Inferring the source of encrypted HTTP connections

Proceedings of the 13th ACM conference on Computer and communications security
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)

Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
On Inferring Application Protocol Behaviors in Encrypted Network Traffic

The Journal of Machine Learning Research
Timing analysis of keystrokes and timing attacks on SSH

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
802.11 user fingerprinting

Proceedings of the 13th annual ACM international conference on Mobile computing and networking
Language identification of encrypted VoIP traffic: Alejandra y Roberto or Alice and Bob?

SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Devices that tell on you: privacy trends in consumer ubiquitous computing

SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Improving wireless privacy with an identifier-free link layer protocol

Proceedings of the 6th international conference on Mobile systems, applications, and services

Quantified Score

Hi-index	0.00

Visualization

Abstract

Recent work has focused on removing explicit network identifiers (such as MAC addresses) from the wireless link layer to protect users' privacy. However, despite comprehensive proposals to conceal all information encoded in the bits of the headers and payloads of network packets, we find that a straightforward attack on a physical layer property yields information that aids in the profiling of users. In this paper, a statistical technique is developed to associate wireless packets with their respective transmitters solely using the signal strengths of overheard packets. Through experiments conducted in a real indoor office building environment, we demonstrate that packets with no explicit identifiers can be grouped together by their respective transmitters with high accuracy. We next show that this technique is sufficiently accurate to allow an adversary to conduct a variety of complex traffic analysis attacks. As an example, we demonstrate that one type of traffic analysis--a website fingerprinting attack--can be successfully implemented after packets have been associated with their transmitters. Finally, we propose and evaluate techniques that can introduce noise into the measurements of such physical layer phenomena to obfuscate the identifiers derived from them.