How talkative is your mobile device?: an experimental study of Wi-Fi probe requests

@article{Freudiger2015HowTI,
  title={How talkative is your mobile device?: an experimental study of Wi-Fi probe requests},
  author={Julien Freudiger},
  journal={Proceedings of the 8th ACM Conference on Security \& Privacy in Wireless and Mobile Networks},
  year={2015}
}
  • J. Freudiger
  • Published 22 June 2015
  • Computer Science
  • Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks
The IEEE 802.11 standard defines Wi-Fi probe requests as a active mechanism with which mobile devices can request information from access points and accelerate the Wi-Fi connection process. Researchers in previous work have identified privacy hazards associated with Wi-Fi probe requests, such as leaking past access points identifiers and user mobility. Besides several efforts to develop privacy-preserving alternatives, modern mobile devices continue to use Wi-Fi probe requests. In this work, we… 

Figures and Tables from this paper

Privacy issues in wireless networks, Every frame you send, they'll be watching you
TLDR
A study of privacy features of the two major wireless network standards: Wi-Fi and Bluetooth-Low-Energy and focuses on address randomization mechanisms, a recently adopted anti-tracking measure, and identifies several issues related to implementation as well as standard specifications.
What Your Wearable Devices Revealed About You and Possibilities of Non-Cooperative 802.11 Presence Detection During Your Last IPIN Visit
TLDR
This paper analyzes and evaluates probe request frames of 802.11 wireless protocol captured during the 11 th international conference on Indoor Positioning and Indoor Navigation (IPIN) 2021 and detects that there are still many devices not adopting MAC randomization, because either it is not implemented, or users disabled it.
Know Thy Quality: Assessment of Device Detection by WiFi Signals
TLDR
This paper assesses the challenges with probe request frames using a new data quality framework for device detection and presents alternative detection methods that do not rely on probes, including a recently publicized WiFi device detection technique and a new way of detecting devices associated with a third-party network using a feature of the 802.11 protocol.
Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices
TLDR
This work empirically demonstrates that there are several key challenges that can limit an attacker’s ability to find a stable physical layer identifier to uniquely identify mobile devices using BLE, including variations in the hardware design of BLE chipsets, transmission power levels, and limitations of inexpensive radios that can be widely deployed to capture raw physical-layer signals.
Mobile Phone ’ s WiFi Presence for Continuous Implicit Secondary Deauthentication
TLDR
The proposed implicit method for secondary (de-)authentication based on device presence is suited for scenarios where user inactivity timeouts do not automatically translate well into actual user absence and solves the problem of accurate de-authentication as it automatically logs out the user if the device is not in reach of the Wi Fi network.
Analyzing the Effect of Bluetooth Low Energy (BLE) with Randomized MAC Addresses in IoT Applications
  • Golnar KalantarArash MohammadiS. N. Sadrieh
  • Computer Science
    2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)
  • 2018
TLDR
This paper pursued the goal of studying the behavior of MAC Address randomization in iOS devices, finding an answer for the following key question: “What does randomized MAC addresses mean for BLE-based Location Tracking and Analytics?” and investigating potential solutions to overcome this challenge and to keep track of all devices at a target venue, while respecting users' privacy.
Mind your probes: De-anonymization of large crowds through smartphone WiFi probe requests
TLDR
This paper shows how the de-anonymization outcome of the two political meetings held few days before the election days in Italy match surprisingly well the official voting results reported for the two respective parties.
Forensics analysis of Wi-Fi communication traces in mobile devices
TLDR
By analysing the mobile device of a user after a short, city centre walk, the MAC addresses of nearby wireless access points were identified and used to retrace the route travelled by the user, as there was a limited timeframe to capture this data.
Wi-Fi Tracking: Fingerprinting Attacks and Counter-Measures. (Traçage Wi-Fi: Attaques par Prise d'Empreinte et Contre-Mesures)
TLDR
It is shown that this mitigation, in its current state, is insufficient to prevent tracking, and presents two tools: an experimental Wi-Fi tracking system for testing and public awareness raising purpose, and a tool estimating the uniqueness of a device based on the content of its emitted signals even if the identifier is randomized.
Your MAC Address Can be Detected Easily When Your Smartphone Connected to the Wi-Fi
TLDR
It is proved that smartphones connected to Wi-Fi can be detected (scanned) easily with a Raspberry Pi help and MAC address, time-stamp, and RSSI scanned/captured successfully through Raspberry Pi from the smartphones can be used as a reference for various purposes/applications in future work, such asWi-Fi scanning/tracking system.
...
...

References

SHOWING 1-10 OF 30 REFERENCES
LAPWiN: Location-aided probing for protecting user privacy in Wi-Fi networks
TLDR
This work proposes to reduce the privacy risk while simultaneously decreasing the network connection time by eliminating unnecessary probe requests, most notably those requests sent to networks that are not in proximity of the device.
I know who you will meet this evening! Linking wireless devices using Wi-Fi probe requests
  • M. CuncheM. KâafarR. Boreli
  • Computer Science
    2012 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM)
  • 2012
TLDR
The hypothesis is that social links between devices owners can be identified by exploiting the information contained in the fingerprint, and the similarity between fingerprints as a metric, with the underlying idea: similar fingerprints are likely to be linked.
Linking wireless devices using information contained in Wi-Fi probe requests
Device Names in the Wild: Investigating Privacy Risks of Zero Configuration Networking
TLDR
A one-week dataset of mDNS announcements in a semi-public Wi-Fi network at a university revealed that 29% of the participants did not know the current device name of their smartphone, but that the vast majority considered periodic announcement of their full names worrisome.
Characterizing privacy leakage of public WiFi networks for users on travel
TLDR
Examining the privacy leakage in public hotspots from activities such as domain name querying, web browsing, search engine querying and online advertising finds that multiple categories of user privacy can be leaked, such as identity privacy, location privacy, financial privacy, social privacy and personal privacy.
Signals from the crowd: uncovering social relationships through smartphone probes
TLDR
A simple and automatic methodology to build the underlying social graph of the smartphone users, starting from their probes, and shows that, by looking at the probes in an event, one can learn important sociological aspects of its participants---language, vendor adoption, and so on.
Tracking unmodified smartphones using wi-fi monitors
Smartphones with Wi-Fi enabled periodically transmit Wi-Fi messages, even when not associated to a network. In one 12-hour trial on a busy road (average daily traffic count 37,000 according to the
Tracking Games in Mobile Networks
TLDR
This work considers a local adversary equipped with multiple eavesdropping stations to track mobile users and mobile users deploying mix zones to protect their location privacy, and uses a game-theoretic model to predict the strategies of both players.
Evaluating the Privacy Risk of Location-Based Services
TLDR
This paper evaluates the ability of location-based services to identify users and their points of interests based on different sets of location information and quantifies the privacy risk by experimenting with real-world mobility traces.
MobiTribe: Cost Efficient Distributed User Generated Content Sharing on Smartphones
TLDR
An algorithm for grouping devices into tribes for content replication among intended content consumers and serve it using low-cost network connections is developed and shown to lower monetary and energy costs for users compared to non-mobile-optimized distributed systems irrespective of the content demand model.
...
...