Table of Contents Author Guidelines Submit a Manuscript
Security and Communication Networks
Volume 2017, Article ID 6235484, 21 pages
https://doi.org/10.1155/2017/6235484
Research Article

Noncooperative 802.11 MAC Layer Fingerprinting and Tracking of Mobile Devices

Expertise Centre for Digital Media, UHasselt-tUL-imec, Wetenschapspark 2, 3590 Diepenbeek, Belgium

Correspondence should be addressed to Pieter Robyns; eb.tlessahu@snybor.reteip

Received 5 January 2017; Accepted 21 March 2017; Published 25 May 2017

Academic Editor: Pascal Lorenz

Copyright © 2017 Pieter Robyns et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. M. B. Kjærgaard, M. V. Krarup, A. Stisen et al., “Indoor positioning using wi-fi–how well is the problem understood?” in Proceedings of the International Conference on Indoor Positioning and Indoor Navigation, vol. 28, p. 31, 2013.
  2. H. Liu, H. Darabi, P. Banerjee, and J. Liu, “Survey of wireless indoor positioning techniques and systems,” IEEE Transactions on Systems, Man and Cybernetics Part C: Applications and Reviews, vol. 37, no. 6, pp. 1067–1080, 2007. View at Publisher · View at Google Scholar · View at Scopus
  3. T. S. Prentow, H. Blunck, K. Gronbaek, and M. B. Kjærgaard, “Estimating common pedestrian routes through indoor path networks using position traces,” in Proceedings of the 15th IEEE International Conference on Mobile Data Management (MDM '14), vol. 1, pp. 43–48, IEEE, July 2014. View at Publisher · View at Google Scholar · View at Scopus
  4. R. Yamasaki, A. Ogino, T. Tamaki, T. Uta, N. Matsuzawa, and T. Kalo, “TDOA location system for IEEE 802.11b WLAN,” in Proceedings of the Wireless Communications and Networking Conference, vol. 4, pp. 2338–2343, IEEE, March 2005. View at Publisher · View at Google Scholar · View at Scopus
  5. Ekahau: Asset Tracking & Management, https://www.ekahau.com/blog/2010/04/27/wi-fi-site-surveys-passive-active-rtls/.
  6. J.-H. Youn, H. Ali, H. Sharif, J. Deogun, J. Uher, and S. H. Hinrichs, “WLAN-based real-time asset tracking system in healthcare environments,” in Proceedings of the 3rd IEEE International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob '07), p. 71, IEEE, October 2007. View at Publisher · View at Google Scholar · View at Scopus
  7. M. Abbott-Jard, H. Shah, and A. Bhaskar, “Empirical evaluation of Bluetooth and Wifi scanning for road transport,” in Proceedings of the 36th Australasian Transport Research Forum (ATRF '13), Queensland, Australia, October 2013. View at Scopus
  8. B. Bonné, A. Barzan, P. Quax, and W. Lamotte, “WiFiPi: involuntary tracking of visitors at mass events,” in Proceedings of the IEEE 14th International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM '13), pp. 1–6, Madrid, Spain, June 2013. View at Publisher · View at Google Scholar · View at Scopus
  9. M. B. Kjærgaard, “A taxonomy for radio location fingerprinting,” in Location- and Context-Awareness, pp. 139–156, Springer, 2007. View at Publisher · View at Google Scholar
  10. M. Cunche, “I know your MAC address: targeted tracking of individual using Wi-Fi,” Journal of Computer Virology and Hacking Techniques, vol. 10, no. 4, pp. 219–227, 2014. View at Publisher · View at Google Scholar · View at Scopus
  11. A. B. M. Musa and J. Eriksson, “Tracking unmodified smartphones using wi-fi monitors,” in Proceedings of the 10th ACM Conference on Embedded Network Sensor Systems (SenSys '12), pp. 281–294, ACM, Ontario, Canada, November 2012. View at Publisher · View at Google Scholar · View at Scopus
  12. B. Danev, D. Zanetti, and S. Capkun, “On physical-layer identification of wireless devices,” ACM Computing Surveys, vol. 45, no. 1, article 6, 2012. View at Publisher · View at Google Scholar · View at Scopus
  13. WiGLE.net: Statistics, https://wigle.net/stats.
  14. J. Pang, B. Greenstein, R. Gummadi, S. Seshan, and D. Wetherall, “802.11 User fingerprinting,” in Proceedings of the 13th Annual ACM International Conference on Mobile Computing and Networking, pp. 99–110, ACM, September 2007. View at Publisher · View at Google Scholar · View at Scopus
  15. P. Bahl and V. N. Padmanabhan, “RADAR: An in-building RF-based user location and tracking system,” in Proceedings of the 19th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM '00), vol. 2, pp. 775–784, March 2000. View at Scopus
  16. S. A. Golden and S. S. Bateman, “Sensor measurements for Wi-Fi location with emphasis on time-of-arrival ranging,” IEEE Transactions on Mobile Computing, vol. 6, no. 10, pp. 1185–1198, 2007. View at Publisher · View at Google Scholar · View at Scopus
  17. J. Freudiger, “How talkative is your mobile device?: an experimental study of Wi-Fi probe requests,” in Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks (WiSec '15), pp. 8:1–8:6, ACM, New York, NY, USA, 2015. View at Publisher · View at Google Scholar
  18. T. Kohno, A. Broido, and K. C. Claffy, “Remote physical device fingerprinting,” IEEE Transactions on Dependable and Secure Computing, vol. 2, no. 2, pp. 93–108, 2005. View at Publisher · View at Google Scholar · View at Scopus
  19. C. Arackaparambil, S. Bratus, A. Shubina, and D. Kotz, “On the reliability of wireless fingerprinting using clock skews,” in Proceedings of the 3rd ACM Conference on Wireless Network Security (WiSec '10), pp. 169–174, ACM, Hoboken, NJ, USA, March 2010. View at Publisher · View at Google Scholar · View at Scopus
  20. S. Jana and S. K. Kasera, “On fast and accurate detection of unauthorized wireless access points using clock skews,” IEEE Transactions on Mobile Computing, vol. 9, no. 3, pp. 449–462, 2010. View at Publisher · View at Google Scholar · View at Scopus
  21. J. Hall, M. Barbeau, and E. Kranakis, “Radio frequency fingerprinting for intrusion detection in wireless networks,” IEEE Transactions on Defendable and Secure Computing, 2005. View at Google Scholar
  22. O. Ureten and N. Serinken, “Wireless security through RF fingerprinting,” Canadian Journal of Electrical and Computer Engineering, vol. 32, no. 1, pp. 27–33, 2007. View at Publisher · View at Google Scholar · View at Scopus
  23. V. Brik, S. Banerjee, M. Gruteser, and S. Oh, “Wireless device identification with radiometric signatures,” in Proceedings of the 14th ACM Annual International Conference on Mobile Computing and Networking (MobiCom '08), pp. 116–127, ACM, September 2008. View at Publisher · View at Google Scholar · View at Scopus
  24. C. L. Corbett, R. A. Beyah, and J. A. Copeland, “Passive classification of wireless NICs during active scanning,” International Journal of Information Security, vol. 7, no. 5, pp. 335–348, 2008. View at Publisher · View at Google Scholar · View at Scopus
  25. B. Bloessl, C. Sommer, F. Dressler, and D. Eckhoff, “The scrambler attack: a robust physical layer attack on location privacy in vehicular networks,” in Proceedings of the International Conference on Computing, Networking and Communications (ICNC '15), pp. 395–400, IEEE, 2015.
  26. L. C. C. Desmond, C. C. Yuan, T. C. Pheng, and R. S. Lee, “Identifying unique devices through wireless fingerprinting,” in Proceedings of the 1st ACM Conference on Wireless Network Security, pp. 46–55, ACM, April 2008. View at Publisher · View at Google Scholar
  27. J. Franklin, D. McCoy, P. Tabriz, V. Neagoe, J. V. Randwyk, and D. Sicker, “Passive data link layer 802.11 wireless device driver fingerprinting,” in Proceedings of the 15th Conference on USENIX Security Symposium (USENIX-SS '06), 2006.
  28. C. Neumann, O. Heen, and S. Onno, “An empirical study of passive 802.11 device fingerprinting,” in Proceedings of the 32nd IEEE International Conference on Distributed Computing Systems Workshops (ICDCSW '12), pp. 593–602, IEEE, June 2012. View at Publisher · View at Google Scholar · View at Scopus
  29. M. Chernyshev, C. Valli, and P. Hannay, “On 802.11 access point locatability and named entity recognition in service set identifiers,” IEEE Transactions on Information Forensics and Security, vol. 11, no. 3, pp. 584–593, 2016. View at Publisher · View at Google Scholar
  30. M. Cunche, M.-A. Kaafar, and R. Boreli, “Linking wireless devices using information contained in Wi-Fi probe requests,” Pervasive and Mobile Computing, vol. 11, pp. 56–69, 2014. View at Publisher · View at Google Scholar · View at Scopus
  31. F. Guo and T. C. Chiueh, “Sequence number-based MAC address spoof detection,” in Recent Advances in Intrusion Detection, pp. 309–329, Springer, 2005. View at Google Scholar
  32. J. Cache, “Fingerprinting 802.11 implementations via statistical analysis of the duration field,” 2006, http://uninformed.org/?v=5.
  33. B. Bonné, P. Quax, and W. Lamotte, “Your mobile phone is a traitor!—raising awareness on ubiquitous privacy issues with SASQUATCH,” International Journal on Information Technologies & Security, vol. 6, no. 3, 2014. View at Google Scholar
  34. S. Bratus, C. Cornelius, D. Kotz, and D. Peebles, “Active behavioral fingerprinting of wireless devices,” in Proceedings of the 1st ACM Conference on Wireless Network Security (WiSec '08), pp. 56–61, ACM, Alexandria, VA, USA, April 2008. View at Publisher · View at Google Scholar · View at Scopus
  35. M. Vanhoef, C. Matte, M. Cunche, L. S. Cardoso, and F. Piessens, “Why MAC address randomization is not enough: an analysis of Wi-Fi network discovery mechanisms,” in Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp. 413–424, ACM, Xi'an, China, June 2016. View at Publisher · View at Google Scholar · View at Scopus
  36. M. Gruteser and D. Grunwald, “Enhancing location privacy in wireless LAN through disposable interface identifiers: a quantitative analysis,” Mobile Networks and Applications, vol. 10, no. 3, pp. 315–325, 2005. View at Publisher · View at Google Scholar · View at Scopus
  37. IEEE Computer Society, Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications, IEEE 802.11 Standard, 2012.
  38. J. Malinen, “Wpa supplicant configuration options,” https://w1.fi/cgit/ hostap/plain/wpa_supplicant/wpa_supplicant.conf.
  39. G. Chandrasekaran, J.-A. Francisco, V. Ganapathy, M. Gruteser, and W. Trappe, “Detecting identity spoofs in IEEE 802.11e wireless networks,” in Proceedings of the IEEE Global Telecommunications Conference (GLOBECOM '09), pp. 1–6, IEEE, December 2009. View at Publisher · View at Google Scholar · View at Scopus
  40. C. L. Corbett, R. A. Beyah, and J. A. Copeland, “Using active scanning to identify wireless NICs,” in Proceedings of the IEEE Information Assurance Workshop, pp. 239–246, IEEE, June 2006. View at Publisher · View at Google Scholar · View at Scopus
  41. IEEE Computer Society, Amendment 8: Medium Access Control (MAC) Quality of Service Enhancements, IEEE 802.11e Standard, 2005.
  42. D. Camps-Mur, A. Garcia-Saavedra, and P. Serrano, “Device-to-device communications with Wi-Fi direct: overview and experimentation,” IEEE Wireless Communications, vol. 20, no. 3, pp. 96–104, 2013. View at Publisher · View at Google Scholar · View at Scopus
  43. Wi-Fi Alliance Technical Committee, “P2P Task Group: Wi-Fi Peer-to-Peer (P2P) v1.5,” Technical Specification, Wi-Fi Alliance, 2014. View at Google Scholar
  44. D. Kotz, T. Henderson, and C. McDonald, “CRAWDAD: A Community Resource for Archiving Wireless Data at Dartmouth,” http://crawdad.org.
  45. P. Robyns, B. Bonné, P. Quax, and W. Lamotte, “POSTER: assessing the impact of 802.11 vulnerabilities using wicability,” in Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks (WiSec '16), pp. 217-218, ACM, Darmstadt, Germany, July 2016. View at Publisher · View at Google Scholar
  46. P. Robyns, “Online Resource 1: pcap file of the stimulus frame response conditions experiment,” 2016, http://research.edm.uhasselt.be/~probyns/mactracking/stimulus_experiment_results.pcap.
  47. J. Malinen, “Wpa supplicant official source code repository,” https://www.w1.fi/cgit/hostap/tree/src/p2p/p2p_sd.c?id=fb09ed338919db09f3990196171fa73b37e7a17f#n384.
  48. Wi-Fi Alliance: Wi-Fi CERTIFIED Passpoint, https://www.wi-fi.org/discover-wi-fi/wi-fi-certified-passpoint.
  49. “Wi-Fi Alliance: Product Finder search results,” https://www.wi-fi.org/product-finder-results?sort_by=default&sort_order=desc&categories=4&capabilities=1.