IEEE 802.11-23/2088r0 Device Profiling Considerations
Explore the implications of changing MAC addresses simultaneously during device profiling based on traffic characteristics. Discover the potential risks and benefits of utilizing multiple MAC addresses for improved privacy in network communications.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
November 2023 doc.: IEEE 802.11-23/2088r0 TGbi Analysis simultaneous MAC address change Date: 2023-11-14 Authors: Name Affiliations Address Phone email A. De la Oliva InterDigital, UC3M Avda. De la Universidad 30, Leganes, Madrid, Spain +34 91 6248803 aoliva@it.uc3m.es J. Levy Interdigital Submission
November 2023 doc.: IEEE 802.11-23/2088r0 Device profiling Device profiling can be done based on following flow characteristics Time series: Packet lengths Inter packet arrival Direction of the flow Summarized data across a time window The number of packets sent from the device to AP. The number of packets received by the device from AP. The variance of inter-arrival time. The average number of consecutively sent packets before seeing a received packet. The average number of consecutively received packets before seeing a sent packet. Total number of bytes in sent packets. Total number of bytes in received packets. Number of different sizes in sent packets. Number of different sizes in received packets. Maximum packet size. Mode of sent packet lengths (i.e., the packet size that appeared most in the monitoring window). Mode of received packet lengths. The variance of sent packet size distribution. The variance of received packet size distribution. Macro metrics Bandwidth profile of the device Submission
November 2023 doc.: IEEE 802.11-23/2088r0 Device profiling Based on the metrics shown in previous slide, a device can be profiled in short periods of time Submission
November 2023 doc.: IEEE 802.11-23/2088r0 Considerations Changing MAC addresses simultaneously in cases of device profiling based on traffic characteristics may actually be a bad idea You will signal the attacker when it needs to look for changes It may be better to go for mechanisms where STAs may or may not change the MAC address Simultaneous use of multiple MAC addresses where the packets of a flow are spread will improve the privacy characteristics Submission
November 2023 doc.: IEEE 802.11-23/2088r0 References M. Alyami, I. Alharbi, C. Zou, Y. Solihin and K. Ackerman, "WiFi-based IoT Devices Profiling Attack based on Eavesdropping of Encrypted WiFi Traffic," 2022 IEEE 19th Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 2022, pp. 385-392, doi: 10.1109/CCNC49033.2022.9700674. Tadayoshi Kohno, Andre Broido and Kimberly C Claffy, "Remote physical device fingerprinting", IEEE Transactions on Dependable and Secure Computing, vol. 2, no. 2, pp. 93-108, 2005. BR Chandavarkar et al., "Detecting rogue access points using kismet", 2015 International Conference on Communications and Signal Processing (ICCSP), pp. 0172-0175, 2015. Submission
