Performing traffic analysis on a wireless identifier-free link layer

Kevin Bauer, Damon McCoy, Ben Greenstein, Dirk Grunwald, Douglas Sicker

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Recent work has focused on removing explicit network identifiers (such as MAC addresses) from the wireless link layer to protect users' privacy. However, despite comprehensive proposals to conceal all information encoded in the bits of the headers and payloads of network packets, we find that a straightforward attack on a physical layer property yields information that aids in the profiling of users. In this paper, a statistical technique is developed to associate wireless packets with their respective transmitters solely using the signal strengths of overheard packets. Through experiments conducted in a real indoor office building environment, we demonstrate that packets with no explicit identifiers can be grouped together by their respective transmitters with high accuracy. We next show that this technique is sufficiently accurate to allow an adversary to conduct a variety of complex traffic analysis attacks. As an example, we demonstrate that one type of traffic analysis - a website fingerprinting attack - can be successfully implemented after packets have been associated with their transmitters. Finally, we propose and evaluate techniques that can introduce noise into the measurements of such physical layer phenomena to obfuscate the identifiers derived from them.

    Original languageEnglish (US)
    Title of host publicationProceedings of the Richard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations
    Pages18-23
    Number of pages6
    DOIs
    StatePublished - 2009
    EventRichard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations - Portland, OR, United States
    Duration: Apr 1 2009Apr 4 2009

    Other

    OtherRichard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations
    CountryUnited States
    CityPortland, OR
    Period4/1/094/4/09

    Fingerprint

    Telecommunication traffic
    Telecommunication links
    Transmitters
    Office buildings
    Packet networks
    Websites
    Experiments

    ASJC Scopus subject areas

    • Computer Science Applications
    • Software

    Cite this

    Bauer, K., McCoy, D., Greenstein, B., Grunwald, D., & Sicker, D. (2009). Performing traffic analysis on a wireless identifier-free link layer. In Proceedings of the Richard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations (pp. 18-23) https://doi.org/10.1145/1565799.1565804

    Performing traffic analysis on a wireless identifier-free link layer. / Bauer, Kevin; McCoy, Damon; Greenstein, Ben; Grunwald, Dirk; Sicker, Douglas.

    Proceedings of the Richard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations. 2009. p. 18-23.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Bauer, K, McCoy, D, Greenstein, B, Grunwald, D & Sicker, D 2009, Performing traffic analysis on a wireless identifier-free link layer. in Proceedings of the Richard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations. pp. 18-23, Richard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations, Portland, OR, United States, 4/1/09. https://doi.org/10.1145/1565799.1565804
    Bauer K, McCoy D, Greenstein B, Grunwald D, Sicker D. Performing traffic analysis on a wireless identifier-free link layer. In Proceedings of the Richard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations. 2009. p. 18-23 https://doi.org/10.1145/1565799.1565804
    Bauer, Kevin ; McCoy, Damon ; Greenstein, Ben ; Grunwald, Dirk ; Sicker, Douglas. / Performing traffic analysis on a wireless identifier-free link layer. Proceedings of the Richard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations. 2009. pp. 18-23
    @inproceedings{62b96fd171cb4b4e879e629294bf0f12,
    title = "Performing traffic analysis on a wireless identifier-free link layer",
    abstract = "Recent work has focused on removing explicit network identifiers (such as MAC addresses) from the wireless link layer to protect users' privacy. However, despite comprehensive proposals to conceal all information encoded in the bits of the headers and payloads of network packets, we find that a straightforward attack on a physical layer property yields information that aids in the profiling of users. In this paper, a statistical technique is developed to associate wireless packets with their respective transmitters solely using the signal strengths of overheard packets. Through experiments conducted in a real indoor office building environment, we demonstrate that packets with no explicit identifiers can be grouped together by their respective transmitters with high accuracy. We next show that this technique is sufficiently accurate to allow an adversary to conduct a variety of complex traffic analysis attacks. As an example, we demonstrate that one type of traffic analysis - a website fingerprinting attack - can be successfully implemented after packets have been associated with their transmitters. Finally, we propose and evaluate techniques that can introduce noise into the measurements of such physical layer phenomena to obfuscate the identifiers derived from them.",
    author = "Kevin Bauer and Damon McCoy and Ben Greenstein and Dirk Grunwald and Douglas Sicker",
    year = "2009",
    doi = "10.1145/1565799.1565804",
    language = "English (US)",
    isbn = "9781605582177",
    pages = "18--23",
    booktitle = "Proceedings of the Richard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations",

    }

    TY - GEN

    T1 - Performing traffic analysis on a wireless identifier-free link layer

    AU - Bauer, Kevin

    AU - McCoy, Damon

    AU - Greenstein, Ben

    AU - Grunwald, Dirk

    AU - Sicker, Douglas

    PY - 2009

    Y1 - 2009

    N2 - Recent work has focused on removing explicit network identifiers (such as MAC addresses) from the wireless link layer to protect users' privacy. However, despite comprehensive proposals to conceal all information encoded in the bits of the headers and payloads of network packets, we find that a straightforward attack on a physical layer property yields information that aids in the profiling of users. In this paper, a statistical technique is developed to associate wireless packets with their respective transmitters solely using the signal strengths of overheard packets. Through experiments conducted in a real indoor office building environment, we demonstrate that packets with no explicit identifiers can be grouped together by their respective transmitters with high accuracy. We next show that this technique is sufficiently accurate to allow an adversary to conduct a variety of complex traffic analysis attacks. As an example, we demonstrate that one type of traffic analysis - a website fingerprinting attack - can be successfully implemented after packets have been associated with their transmitters. Finally, we propose and evaluate techniques that can introduce noise into the measurements of such physical layer phenomena to obfuscate the identifiers derived from them.

    AB - Recent work has focused on removing explicit network identifiers (such as MAC addresses) from the wireless link layer to protect users' privacy. However, despite comprehensive proposals to conceal all information encoded in the bits of the headers and payloads of network packets, we find that a straightforward attack on a physical layer property yields information that aids in the profiling of users. In this paper, a statistical technique is developed to associate wireless packets with their respective transmitters solely using the signal strengths of overheard packets. Through experiments conducted in a real indoor office building environment, we demonstrate that packets with no explicit identifiers can be grouped together by their respective transmitters with high accuracy. We next show that this technique is sufficiently accurate to allow an adversary to conduct a variety of complex traffic analysis attacks. As an example, we demonstrate that one type of traffic analysis - a website fingerprinting attack - can be successfully implemented after packets have been associated with their transmitters. Finally, we propose and evaluate techniques that can introduce noise into the measurements of such physical layer phenomena to obfuscate the identifiers derived from them.

    UR - http://www.scopus.com/inward/record.url?scp=70450265875&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=70450265875&partnerID=8YFLogxK

    U2 - 10.1145/1565799.1565804

    DO - 10.1145/1565799.1565804

    M3 - Conference contribution

    AN - SCOPUS:70450265875

    SN - 9781605582177

    SP - 18

    EP - 23

    BT - Proceedings of the Richard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations

    ER -