802.11 User Fingerprinting
by David Wetherall, Ben Greenstein, Jeff Pang, Ramki Gummadi, Srinivasan Seshan
url show details
Details
| url: | http://www.cs.cmu.edu/~jeffpang/papers/mobicom07-fp.pdf | | abstract: | track our every move with alarming ease. Each 802.11 device
transmits a globally unique and persistent MAC address and thus
is trivially identifiable. In response, recent research has proposed
replacing such identifiers with pseudonyms (i.e., temporary, unlinkable
names). In this paper, we demonstrate that pseudonyms
are insufficient to prevent tracking of 802.11 devices because implicit
identifiers, or identifying characteristics of 802.11 traffic, can
identify many users with high accuracy. For example, even without
unique names and addresses, we estimate that an adversary can
identify 64% of users with 90% accuracy when they spend a day
at a busy hot spot. We present an automated procedure based on
four previously unrecognized implicit identifiers that can identify
users in three real 802.11 traces even when pseudonyms and encryption
are employed. We find that the majority of users can be
identified using our techniques, but our ability to identify users is
not uniform; some users are not easily identifiable. Nonetheless,
we show that even a single implicit identifier is sufficient to distinguish
many users. Therefore, we argue that design considerations
beyond eliminating explicit identifiers (i.e., unique names and addresses),
must be addressed in order to prevent user tracking in
wireless networks. | | type: | misc |
|
|
You need to log in to add tags and post comments.
