Litcius/Paper detail

WiFi-based IoT Devices Profiling Attack based on Eavesdropping of Encrypted WiFi Traffic

Mnassar Alyami, Ibrahim Alharbi, Cliff C. Zou, Yan Solihin, Karl Ackerman

202225 citationsDOI

Abstract

Recent research has shown that in-network observers of WiFi communication (i.e., observers who have joined the WiFi network) can obtain much information regarding the types, user identities, and activities of Internet-of-Things (IoT) devices in the network. What has not been explored is the question of how much information can be inferred by an out-of-network observer who does not have access to the WiFi network. This attack scenario is more realistic and much harder to defend against, thus imposes a real threat to user privacy. In this paper, we investigate privacy leakage derived from an out-of-network traffic eavesdropper on the encrypted WiFi traffic of popular IoT devices. We instrumented a testbed of 12 popular IoT devices and evaluated multiple machine learning methods for fingerprinting and inferring what IoT devices exist in a WiFi network. By only exploiting the WiFi frame header information, we have achieved 95% accuracy in identifying the devices and often their working status. This study demonstrates that information leakage and privacy attack is a real threat for WiFi networks and IoT applications.

Topics & Concepts

EavesdroppingComputer scienceTestbedEncryptionComputer networkInformation leakageComputer securityHeaderInternet of ThingsProfiling (computer programming)Operating systemInternet Traffic Analysis and Secure E-votingNetwork Security and Intrusion DetectionWireless Communication Security Techniques
WiFi-based IoT Devices Profiling Attack based on Eavesdropping of Encrypted WiFi Traffic | Litcius