technologie wi fi et vie priv ee
play

Technologie Wi-Fi et vie priv ee Mathieu Cunche - PowerPoint PPT Presentation

Sep 16, 2022 •110 likes •510 views

Technologie Wi-Fi et vie priv ee Mathieu Cunche mathieu.cunche@inria.fr @Cunchem INSA-Lyon CITI, Inria Privatics Ecole d et e Rescom - 26 Juin 2015 M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv ee Rescom-2015 1 / 39

  1. Technologie Wi-Fi et vie priv´ ee Mathieu Cunche mathieu.cunche@inria.fr @Cunchem INSA-Lyon CITI, Inria Privatics Ecole d’´ et´ e Rescom - 26 Juin 2015 M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 1 / 39

  2. Privacy Personally identifiable information (PII) Information that can be used on its own or with other information to identify, contact, or locate a single person Ex.: Full name, phone number, e-mail address, home address ... M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 2 / 39

  3. Wi-Fi networking IEEE 802.11 standard Specifications for MAC and Physical layers Information transmitted by frames Data : upper layer datagrams Management : beacon, probe request/response, ... Control : acknowledgement, ready to send, ... M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 3 / 39

  4. 802.11 frame Address fields contain MAC addresses (src., dest., ...) MAC address: a unique identifier allocated to a network interface M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 4 / 39

  5. Wi-Fi service discovery I Discover surrounding APs and Networks Passive mode: Wi-Fi Beacons Active mode: Probe requests and Probe Responses Probe requests contain an SSID field to specify the searched network Active is less costly in energy Preferred mode for mobile devices Passive Active M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 5 / 39

  6. Active service discovery Probing Frequency: several times per minutes Information available in cleartext (headers are not encrypted) Broadcast dest. Addr. = FF:FF:FF:FF:FF:FF M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 6 / 39

  7. Wi-Fi Fingerprint Wi-Fi Fingerprint = List of SSIDs broadcast by a device M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 7 / 39

  8. Monitoring probe requests (Demo.) Wi-Fi interface supporting monitoring mode Traffic capture and analysis tools 1 1 https://github.com/cunchem/gtk-wifiscanner M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 8 / 39

  9. Personal information from SSIDs SSIDs: name of the previously connected networks Stored in the Configured Network List (CNL) Observed up to 80 configured networks ! SSIDs: personal data Travel history GPS coordinates Social links M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 9 / 39

  10. Personal information found in SSIDs Company/University/Organization → INRIA-interne, INSA-INVITE, GlobalCorp Ltd Attended conferences → WiSec14, PETs, CCS Visited places → Hilton-NY WiFi, Aloha Hotel WiFi, Brasserie de l’Est, Sydney-airport-WiFi Individual’s identity → Marc Dupont’s iPhone, Bob Fhisher’s Network M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 10 / 39

  11. Precise geolocation information From SSIDs to precise geolocation WiGLE database (SSID, BSSID, GPS coord., ...) M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 11 / 39

  12. Inferring social links I Hypothesis: similarity between Wi-Fi fingerprint can betray social links People tends to share their Wi-Fi network with people who are close The experiment: ”I know who you will meet this evening” 2 A wild dataset: fingerprints of 8000+ devices A control dataset: fingerprint with 30 existing social links 2 Mathieu Cunche, Mohamed-Ali Kaafar, and Roksana Boreli. “Linking wireless devices using information contained in Wi-Fi probe requests”. In: Pervasive and Mobile Computing (2013), pp. –. M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 12 / 39

  13. Inferring social links I Quantifying the similarity between fingerprints Metric considering size and rarity of the intersection Cosine-IDF and Jaccard index � idf x 2 J ( X , Y ) = | X ∩ Y | x ∈ X ∩ Y Cosine-idf ( X , Y ) = �� �� | X ∪ Y | idf x 2 idf y 2 x ∈ X y ∈ Y where idf x : inverse document frequency of x Adamic, modified Adamic 1 1 � � Adamic ( X , Y ) = Psim- q ( X , Y ) = f q log f x x x ∈ X ∩ Y x ∈ X ∩ Y where f x : document frequency of x M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 13 / 39

  14. Inferring social links I 1 0.9 0.8 0.7 0.6 TPR 0.5 0.4 0.3 0.2 cosine_idf jaccard 0.1 adamic Psim-3 0 0 0 0 0 0 0 0 0 0 0 1 1 . . 2 . 3 . 4 . 5 . 6 . 7 . 8 . 9 FPR Performances: detects 80% of social links with less than 8% of error. M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 14 / 39

  15. The end of broadcast SSIDs NULL Probe Requests SSID field is left empty AP must responds to all Broadcast Probe Requests Adopted by major vendors to reduce privacy risks Hidden Wi-Fi networks Hidden: not broadcasting beacons Probing with SSID is the only way to discover Device continuously broadcast SSID of the network M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 15 / 39

  16. Wi-Fi tracking Wi-Fi enabled smartphone: portable personal beacon Broadcast a unique ID (MAC addr.) Range: several 10s meters Wi-Fi tracking system 3 Set of sensors collect Wi-Fi signal Detect and track Wi-Fi devices and their owners 3 A. B. M. Musa and Jakob Eriksson. “Tracking unmodified smartphones using Wi-Fi monitors”. In: Proceedings of the 10th ACM Conference on Embedded Network Sensor Systems . 2012. M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 16 / 39

  17. Wi-Fi tracking: applications I Shops & shopping center monitoring 4 Physical analytics: Frequency and length of visit, number of visitor, M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 17 / 39

  18. Wi-Fi tracking: applications II Profiling & Targeted advertisement Example: London’s Wi-Fi bins Detect individuals via Wi-Fi Targeted advertisement displayed on screen Based on a user profile: consuming habits, gender, ... 4 Source: Euclid Analytics M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 18 / 39

  19. Wi-Fi tracking: privacy Privacy concerns ”People have a fundamental right to privacy, and I think neglecting to ask consumers for their permission to track them violates that right” – Senator Al Franken Response to privacy concerns User notification & Opt-out mechanisms MAC addr. ”does not contain personal information” MAC addr. is ”anonymized” (Hash function) M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 19 / 39

  20. Wi-Fi tracking: privacy The MAC address a 48 bits identifier Globally unique identifier allocated to Network Interface Organization Unique Identifier (OUI): 24 left-hand bits The MAC address is a personal information Unique ID & Personally identifiable information Easy to obtain the MAC addr. of an individual Collected by mobile applications along with other personal information (phone number, email, name, ...) M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 20 / 39

  21. Wi-Fi tracking: privacy I Hash-based anonymization Principle: store the hash of the MAC address instead of the raw value Time Location MAC Time Location Hash (md5) 12:09 A-4 00:11:11:11:11:11 12:09 A-4 fb2d5084c0ad1fdf6c29fe2aa323b758 12:12 B-4 00:11:11:11:11:11 → 12:12 B-4 fb2d5084c0ad1fdf6c29fe2aa323b758 12:13 E-5 00:22:22:22:22:22 12:13 E-5 69dc015b56448651561e1a4301ac9b4d 12:13 F-4 00:33:33:33:33:33 12:13 F-4 07024831442e8b86a06e905fd4d391ce 12:14 B-4 00:11:11:11:11:11 12:14 B-4 fb2d5084c0ad1fdf6c29fe2aa323b758 Motivation: ”Hashing is an Irreversible operation” Given x, easy to compute y = H ( x ) Given y, hard to find x such as H ( x ) = y M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 21 / 39

  22. Wi-Fi tracking: privacy II Hashed MAC addr. re-identification 5 Test configuration: MD5 + oclhashcatplus + modern GPU (ATI R9 280X) Exhaustive search method Size of the space: 2 48 values Time: 2.6 days Improved search Only 1% of the space has been allocated Time: 109 seconds M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 22 / 39

  23. Wi-Fi tracking: privacy III Improved search (bis) Wi-Fi devices accounts for a small fraction of OUI Time: 7 seconds to re-identify 99% of Wi-Fi MAC addr. 1 Fraction of MAC address 0 . 8 0 . 6 0 . 4 0 . 2 0 0 100 200 300 400 500 600 700 800 900 Nb. MAC address prefix Figure : Cumulative distribution of OUI prefixes in a real world dataset. M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 23 / 39

  24. Wi-Fi tracking: privacy IV Simple Hashing does not anonymize MAC addr. Space of origin is too small Exhaustive search is practical Alternate methods are required Loss of information (truncation) Secret salt 5 Levent Demir, Mathieu Cunche, and C´ edric Lauradoux. “Analysing the privacy policies of Wi-Fi trackers”. In: Workshop on Physical Analytics . Bretton Woods, United States: ACM, June 2014. doi : 10.1145/2611264.2611266 . url : https://hal.inria.fr/hal-00983363 . M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 24 / 39

  25. Wi-Fi tracking: privacy I How to obtain the MAC addr. of an individual ? Without a physical access Beacon replay attack 6 Home/work locations uniqueness 6 Mathieu Cunche. “I know your MAC Address: Targeted tracking of individual using Wi-Fi”. In: International Symposium on Research in Grey-Hat Hacking - GreHack . Grenoble, France, Nov. 2013. M. Cunche (INSA-Lyon - Inria ) Wi-Fi et Vie priv´ ee Rescom-2015 25 / 39

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

th Priv 6 th ivate Sector Chie ief Regula latory ry Offic icers (CRO) Meetin ing Sharm

th Priv 6 th ivate Sector Chie ief Regula latory ry Offic icers (CRO) Meetin ing Sharm

th Priv 6 th ivate Sector Chie ief Regula latory ry Offic icers (CRO) Meetin ing Sharm el-Sheikh, Egypt, 11 May 2016 th Priv 6 th rivate Sect ctor Ch Chie ief Regu gulatory Offi ficers (CR (CRO) Meeti ting 2 Overview of the Work of

775 views • 11 slides
New Fully Absorbable Patch Based Large Hole Vascular Closure Device Presented by Priv.-Doz. Dr.

New Fully Absorbable Patch Based Large Hole Vascular Closure Device Presented by Priv.-Doz. Dr.

New Fully Absorbable Patch Based Large Hole Vascular Closure Device Presented by Priv.-Doz. Dr. med. Michael Laule Charit University Hospital, Berlin, Germany Potential conflicts of interest Speaker's name: Priv.-Doz. Dr. med. Michael Laule

483 views • 10 slides
Knowledge preservation and PLM: a cultural perspective Bruno Bachimont Universit de Technologie

Knowledge preservation and PLM: a cultural perspective Bruno Bachimont Universit de Technologie

Knowledge preservation and PLM: a cultural perspective Bruno Bachimont Universit de Technologie de Universit de Technologie de Compigne Prologue Prologue PLM deals with information related to product life : The issue is to collect

658 views • 36 slides
- Hepatitis B - Resistence management in the clinical setting Priv.-Doz. Dr. A. Erhardt Klinik

- Hepatitis B - Resistence management in the clinical setting Priv.-Doz. Dr. A. Erhardt Klinik

- Hepatitis B - Resistence management in the clinical setting Priv.-Doz. Dr. A. Erhardt Klinik fr Gastroenterologie, Hepatologie und Infektiologie Universittsklinikum Dsseldorf Aims of HBV Therapie Effektive therapy - HBsAg

709 views • 42 slides
Fil illi ling th the gap ap a keystone for r th the Pan European Priv rivate Plac

Fil illi ling th the gap ap a keystone for r th the Pan European Priv rivate Plac

Fil illi ling th the gap ap a keystone for r th the Pan European Priv rivate Plac lacement mark rket Tues esday, 14 14 Apri ril l 20 2015 15 Lo London Filling the gap a keystone for the Pan European Private Placement market

319 views • 29 slides
Pr Priv ivat ate Ser e Service of Pr ice of Process In Ot ocess In Other S her Stat ates

Pr Priv ivat ate Ser e Service of Pr ice of Process In Ot ocess In Other S her Stat ates

Pr Priv ivat ate Ser e Service of Pr ice of Process In Ot ocess In Other S her Stat ates es & Comparison W & Comparison With N th North Car rth Carolina lina Pr Present esented F d For t r the e Committ mmittee on Pr e

276 views • 12 slides
and nd Em Emergin rging g Priv ivacy acy Laws Kaylee Cox Bankston on Counsel, Manatt,

and nd Em Emergin rging g Priv ivacy acy Laws Kaylee Cox Bankston on Counsel, Manatt,

Octo tober r 16, 2019 019 Th The Secur urity ity Im Implications ications of Ne f New and nd Em Emergin rging g Priv ivacy acy Laws Kaylee Cox Bankston on Counsel, Manatt, Phelps & Phillips LLP Liz Heier Director, Global

320 views • 12 slides
A R R LI LIFE S E SCI CIENCES ENCES PR PRIV IVATE LIM IMIT ITED CO COMPAN ANY PROFILE

A R R LI LIFE S E SCI CIENCES ENCES PR PRIV IVATE LIM IMIT ITED CO COMPAN ANY PROFILE

A R R LI LIFE S E SCI CIENCES ENCES PR PRIV IVATE LIM IMIT ITED CO COMPAN ANY PROFILE v Es Establ blished d in 1996 as Calcium Chloride de manufacturer (A R CHLORIDES) (A v Sh Shif ifted ed t to M Manufactu turin ing o

895 views • 31 slides
Molecular Surveillance of Recent HIV-Infections in Germany Priv.-Doz. Dr. Norbert Bannert

Molecular Surveillance of Recent HIV-Infections in Germany Priv.-Doz. Dr. Norbert Bannert

Molecular Surveillance of Recent HIV-Infections in Germany Priv.-Doz. Dr. Norbert Bannert "HIV und Other Retroviruses" Robert Koch-Institut, Berlin AREVIR-Meeting, May 9th 2015 2 Sam pling of New HI V Diagnoses + ~60 % of all

252 views • 22 slides
Cir ircula lar Pol olarization Antennas usi sing Gap Gap Waveguid ide Technologie ies at t

Cir ircula lar Pol olarization Antennas usi sing Gap Gap Waveguid ide Technologie ies at t

Cir ircula lar Pol olarization Antennas usi sing Gap Gap Waveguid ide Technologie ies at t 60 60 GH GHz Dayan Prez-Quintana 1,2 , Alicia Torres-Garca 1,2 , Iigo Ederra 1,2 , Miguel Beruete 1,2 dayan.perez@unavarra.es,

380 views • 6 slides
Context Setting: Why y the Colorado River? And the the role le of ENG ENGOs in in pr priv

Context Setting: Why y the Colorado River? And the the role le of ENG ENGOs in in pr priv

Water Risk in the Colorado River: An Exploration of Private Sector Solutions Context Setting: Why y the Colorado River? And the the role le of ENG ENGOs in in pr priv ivate sector solutio lutions ns May 07, 2020 Rachel OConnor |

151 views • 13 slides
Equit able S e Ser ervices es t o Elig ligib ible le Priv ivat e S School l Child

Equit able S e Ser ervices es t o Elig ligib ible le Priv ivat e S School l Child

Equit able S e Ser ervices es t o Elig ligib ible le Priv ivat e S School l Child ildren 2018-2019 OKCPS Federal Programs Consultation Guide Equit able S e Ser ervices es Under er Tit le I e I, P Part A Improving Basic

847 views • 60 slides
Additionneurs Ultra Basse Tension en Technologie SOI 0,13 Partiellement Dserte Jean

Additionneurs Ultra Basse Tension en Technologie SOI 0,13 Partiellement Dserte Jean

Additionneurs Ultra Basse Tension en Technologie SOI 0,13 Partiellement Dserte Jean Philippe Blanc, Hlne Lhermet, Marc Belleville CEA LETI Dpartement Systmes pour lInformation et la Sant 13/5/03 1 Outlines Introduction SOI

409 views • 12 slides
Dr Drawings wings - Real ality ity Capt apture ure Technologie nologies s an and d BIM

Dr Drawings wings - Real ality ity Capt apture ure Technologie nologies s an and d BIM

De Developing loping Fac acilit ility y Reco cord rd Dr Drawings wings - Real ality ity Capt apture ure Technologie nologies s an and d BIM M Mo Mode deling ling February 2018 Presenters: Michael Graves, PE Farida Goderya,

348 views • 24 slides
Replicant : appareils mobiles, logiciels libres et vie priv ee Paul Kocialkowski

Replicant : appareils mobiles, logiciels libres et vie priv ee Paul Kocialkowski

Replicant : appareils mobiles, logiciels libres et vie priv ee Paul Kocialkowski paulk@replicant.us Samedi 2 Juin 2016 Composants, probl ematiques et libert es Composants et impl ementations Composants (num eriques) dun

680 views • 38 slides
AGENDA ! Brocade Technologie ! Brocade Roadmap & Fabric Application ! Fabric Management 1

AGENDA ! Brocade Technologie ! Brocade Roadmap & Fabric Application ! Fabric Management 1

Decus Symposium Bonn 2003 Brocade SilkWorm Fabric Application Platform Leading the Next Generation of Storage Area Networks 2003 Joachim Meurer Brocade Senior System Engineer jmeurer@Brocade.com +49-1713357337 AGENDA ! Brocade Technologie !

719 views • 18 slides
8 1 0 2 T S U G U A 9 1 - 8 1 LOGISTICS LOGISTICS ARRIVALS 1 Students must

8 1 0 2 T S U G U A 9 1 - 8 1 LOGISTICS LOGISTICS ARRIVALS 1 Students must

8 1 0 2 T S U G U A 9 1 - 8 1 LOGISTICS LOGISTICS ARRIVALS 1 Students must arrive at: (a) Morning session : 7.30AM sharp (b) Afternoon Session : 1.30PM sharp GATHERING VENUE 2 Block C, Level 2 (classrooms) * STRICTLY

1.06k views • 20 slides
Primary 1 Introductory Briefing 3 March 2018 Agenda Communication with Teachers Level

Primary 1 Introductory Briefing 3 March 2018 Agenda Communication with Teachers Level

Primary 1 Introductory Briefing 3 March 2018 Agenda Communication with Teachers Level Programmes Assessment Expectations ICT Resources Supporting and Monitoring Your Child Communication with Teachers Communication with

825 views • 67 slides
2Q Axis REIT Managers Berhad Results Presentation 2016 5 August 2016 Our Milestones Assets

2Q Axis REIT Managers Berhad Results Presentation 2016 5 August 2016 Our Milestones Assets

2Q Axis REIT Managers Berhad Results Presentation 2016 5 August 2016 Our Milestones Assets Under Management RM296 million RM2.18 billion Space Under Management 978,000 sq ft 7,303,630 sq ft Properties 5 38 Fund Size

1.23k views • 62 slides
Dirk Burkholz My project Overview & Motivation Core principles and techniques

Dirk Burkholz My project Overview & Motivation Core principles and techniques

Dirk Burkholz My project Overview & Motivation Core principles and techniques Spotlight on one technique Further features Conclusion Dirk Burkholz - The Spring Framework 14.01.2009 for Java and .NET 2 GLOBUS

484 views • 16 slides
FiRE on at WORK FINDING, ENGAGING & KEEPING GREAT EMPLOYEES with Eric Chester Adjectives

FiRE on at WORK FINDING, ENGAGING & KEEPING GREAT EMPLOYEES with Eric Chester Adjectives

FiRE on at WORK FINDING, ENGAGING & KEEPING GREAT EMPLOYEES with Eric Chester Adjectives that describe the people you want in your organization: 1. _______________ 2. _______________ 3. _______________ 4. _______________ 5.

631 views • 21 slides
IA 2015 Recommendations December 16 th 2015 IA Recommendations 1 & 2 EITI Standard Requirement

IA 2015 Recommendations December 16 th 2015 IA Recommendations 1 & 2 EITI Standard Requirement

IA 2015 Recommendations December 16 th 2015 IA Recommendations 1 & 2 EITI Standard Requirement 5.3 (f): The Independent Administrator may wish to make recommendations for strengthening the reporting process in the future... Reporting

108 views • 9 slides
Syntax of FOL Definition 1 A contains the following symbols: 1. v 0 , v 1 , v 2 , . . .

Syntax of FOL Definition 1 A contains the following symbols: 1. v 0 , v 1 , v 2 , . . .

Computational Logic, Spring 2006 Pete Manolios Syntax of FOL Definition 1 A contains the following symbols: 1. v 0 , v 1 , v 2 , . . . (variables); 2. , , , , (boolean connectives); 3. , (quantifiers); 4. (equality

214 views • 9 slides
1 Rolling Dice Hyper for the Hypergeometric Roll two 6-sided dice D 1 and D 2 X and Y are

1 Rolling Dice Hyper for the Hypergeometric Roll two 6-sided dice D 1 and D 2 X and Y are

Viva La Correlacin! Fun with Indicator Variables Say X and Y are arbitrary random variables Let I A and I B be indicators for events A and B Correlation of X and Y, denoted r (X, Y) : 1 if A occurs 1 if B occurs

694 views • 3 slides

More recommend