ABSTRACT
The recent proliferation of wireless local area networks (WLAN) has introduced new location privacy risks. An adversary controlling several access points could triangulate a client's position. In addition, interface identifiers uniquely identify each client, allowing tracking of location over time. We enhance location privacy through frequent disposal of a client's interface identifier. The described system curbs the adversary's ability to continuously track a client's position. Design challenges include selecting new interface identifiers, detecting address collisions at the MAC layer, and timing identifier switches to balance network disruptions against privacy protection. Using a modified authentication protocol, network operators can still control access to their network. An analysis of a public WLAN usage trace shows that disposing addresses before reassociation already yields significant privacy improvements.
Index Terms
- Enhancing location privacy in wireless LAN through disposable interface identifiers: a quantitative analysis