%0 Conference Proceedings
%T Quantifying the Information Leak in IEEE 802.11 Network Discovery
%+ Department of Computer Science [Helsinki]
%A Waltari, Otto
%A Kangasharju, Jussi
%Z Part 4: Network Security
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B International Conference on Wired/Wireless Internet Communication (WWIC)
%C Boston, MA, United States
%Y Kaushik Roy Chowdhury
%Y Marco Di Felice
%Y Ibrahim Matta
%Y Bo Sheng
%I Springer International Publishing
%3 Wired/Wireless Internet Communications
%V LNCS-10866
%P 207-218
%8 2018-06-18
%D 2018
%R 10.1007/978-3-030-02931-9_17
%Z Computer Science [cs]
%Z Computer Science [cs]/Networking and Internet Architecture [cs.NI]Conference papers
%X Wi-Fi is often the easiest and most affordable way to get a device connected. When a device connects to any Wi-Fi network its identifier (SSID) is stored in the device. These SSIDs are sometimes intentionally exposed to the outside world during periodic network discovery routines. In this paper we quantify the information leak that is present in the current network discovery protocol. Our collected data shows how common it is for a device to leak information and what can be derived from the names of networks a user has connected to in the past. We introduce a way to measure the uniqueness of an entity, which is based on the set of leaked SSID names. We apply previously proposed methods of MAC address randomization reversal on our data and evaluate entity uniqueness. We show how unique SSID names backfire against attempts to obfuscate user devices. Finally we evaluate an existing alternative network discovery scheme that does not leak information.
%G English
%Z TC 6
%Z WG 6.2
%2 https://inria.hal.science/hal-02269722/document
%2 https://inria.hal.science/hal-02269722/file/470666_1_En_17_Chapter.pdf
%L hal-02269722
%U https://inria.hal.science/hal-02269722
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-TC6
%~ IFIP-WG6-2
%~ IFIP-WWIC
%~ IFIP-LNCS-10866