TY - GEN
T1 - Performing traffic analysis on a wireless identifier-free link layer
AU - Bauer, Kevin
AU - McCoy, Damon
AU - Greenstein, Ben
AU - Grunwald, Dirk
AU - Sicker, Douglas
PY - 2009
Y1 - 2009
N2 - Recent work has focused on removing explicit network identifiers (such as MAC addresses) from the wireless link layer to protect users' privacy. However, despite comprehensive proposals to conceal all information encoded in the bits of the headers and payloads of network packets, we find that a straightforward attack on a physical layer property yields information that aids in the profiling of users. In this paper, a statistical technique is developed to associate wireless packets with their respective transmitters solely using the signal strengths of overheard packets. Through experiments conducted in a real indoor office building environment, we demonstrate that packets with no explicit identifiers can be grouped together by their respective transmitters with high accuracy. We next show that this technique is sufficiently accurate to allow an adversary to conduct a variety of complex traffic analysis attacks. As an example, we demonstrate that one type of traffic analysis - a website fingerprinting attack - can be successfully implemented after packets have been associated with their transmitters. Finally, we propose and evaluate techniques that can introduce noise into the measurements of such physical layer phenomena to obfuscate the identifiers derived from them.
AB - Recent work has focused on removing explicit network identifiers (such as MAC addresses) from the wireless link layer to protect users' privacy. However, despite comprehensive proposals to conceal all information encoded in the bits of the headers and payloads of network packets, we find that a straightforward attack on a physical layer property yields information that aids in the profiling of users. In this paper, a statistical technique is developed to associate wireless packets with their respective transmitters solely using the signal strengths of overheard packets. Through experiments conducted in a real indoor office building environment, we demonstrate that packets with no explicit identifiers can be grouped together by their respective transmitters with high accuracy. We next show that this technique is sufficiently accurate to allow an adversary to conduct a variety of complex traffic analysis attacks. As an example, we demonstrate that one type of traffic analysis - a website fingerprinting attack - can be successfully implemented after packets have been associated with their transmitters. Finally, we propose and evaluate techniques that can introduce noise into the measurements of such physical layer phenomena to obfuscate the identifiers derived from them.
UR - http://www.scopus.com/inward/record.url?scp=70450265875&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=70450265875&partnerID=8YFLogxK
U2 - 10.1145/1565799.1565804
DO - 10.1145/1565799.1565804
M3 - Conference contribution
AN - SCOPUS:70450265875
SN - 9781605582177
T3 - Proceedings of the Richard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations
SP - 18
EP - 23
BT - Proceedings of the Richard Tapia Celebration of Diversity in Computing Conference 2009
T2 - Richard Tapia Celebration of Diversity in Computing Conference 2009: Intellect, Initiatives, Insight, and Innovations
Y2 - 1 April 2009 through 4 April 2009
ER -