12 research outputs found

    Cloning Mac Address Results Review

    Get PDF
    Every network interface has a media access control (MAC) address. Network interface cards come from the factory with a unique MAC address associated with the hardware. Most network cards and routers allow one to set a custom MAC address [1], overriding the MAC address present in the hardware. Cloning a MAC address, or changing the MAC address on one device to the MAC address associated with a different device, can be useful when an Internet connection is associated with a particular MAC address and that MAC address is no longer existed in the network. On the other hand if the ISP blocked the Mac address of the original device, changing Mac address is efficient way to communicate to the internet. Another function of cloning MAC address is used to jam the network with the IP address conflict associated with two devices.  

    Valkyrie: A Generic Framework for Verifying Privacy Provisions in Wireless Networks

    Get PDF
    International audienceWireless communications integrated in connected devices can expose their users to tracking via the exposure of link layer identifiers (e.g. MAC addresses). To counter this threat, it has been proposed to replace those permanent identifiers with periodically changing random pseudonyms [16]. This practice, called address randomization has been progressively adopted by vendors [27, 36] and has even made its way to wireless standards [1, 35]. However, an effective implementation of address randomization requires more than periodically rotating the link layer identifier. Indeed, several works [7, 10, 11, 15, 26, 27, 36] identified issues with address randomization implementation, where in-frames counters and identifiers can undermine the anti-tracking measure. In this paper, we address the problem of verifying the correctness of an address randomization implementation. To this end, we introduce an approach to identify issues based on a capture of the traffic generated by a device. This approach relies on rules specifying requirements for a correct implementation of address randomization. Then, we prototype Valkyrie (Verification of Addresses LinKabilitY in address Randomization ImplemEntations), a software tool that, based on a set of rules, verifies that a given sequence of frames generated by a device does not compromise the address randomization scheme. Finally, we evaluate this tool on a corpus of frame captures corresponding to 60 devices implementing address randomization for Wi-Fi and Bluetooth Low Energy (BLE)

    Automatic Passenger Counting on the Edge via Unsupervised Clustering

    Get PDF
    We present a device- and network-based solution for automatic passnger counting that operates on the edge in real time. The proposed solution consists of a low-cost WiFi scanner device equipped with custom algorithms for dealing with MAC address randomization. Our low-cost scanner is able to capture and analyze 802.11 probe requests emitted by passengers' devices such as laptops, smartphones, and tablets. The device is configured with a Python data-processing pipeline that combines data coming from different types of sensors and processes them on the fly. For the analysis task, we have devised a lightweight version of the DBSCAN algorithm. Our software artifact is designed in a modular way in order to accommodate possible extensions of the pipeline, e.g., either additional filters or data sources. Furthermore, we exploit multi-threading and multi-processing for speeding up the entire computation. The proposed solution has been tested with different types of mobile devices, obtaining promising experimental results. In this paper, we present the key ingredients of our edge computing solution

    Ré-identification d'adresses dans les réseaux LoRaWAN

    Get PDF
    LoRaWAN is a long range, low energy and low throughput network technology used to provide connectivity to all kind of devices. Encryption ensure the confidentiality of the conveyed data but do not protects metadata, including the DevAddress which is the device identifier allocated by the LoRa network. Because of the long range of the radio signals and the open nature of the wireless medium, this metadata can be easily collected and can leak potentially sensitive information about a system communicating through LoRa.In addition to the DevAddress, a device is also identified by a DevEUI, a globally unique and permanent identifier. As opposed to the DevAddress, the DevEUIis a static identifier and it can generally be linked to the device manufacturer or the device type. The DevEUI is thus a source of additional information that could be combined with the traffic metadata to gain additional knowledge on a device. However, on the wireless link the DevEUIis only exposed during the join procedure and is never directly associated with other identifiers, and in particular not with the DevAddress.In this documente, focus on this problem and present a method to link a DevEUI to a DevAddress and thus to the associated metadata. Our method relies on the time correlation between messages exchanged during the device activation and registration on the LoRa network. The proposed method is tested on two sets of LoRa traces: a real-world dataset and a synthetic one. The corresponding simulation results shows that a significant fraction of the DevEUI can be matched to a DevAddress. Finally we discuss a number of measures that could be adopted to reduce the efficiency of the presented address linking attack.LoRaWAN est une technologie rĂ©seau Ă  longue portĂ©e, faible dĂ©bit et basse consommation d’énergie utilisĂ©e pour fournir une connectivitĂ© Ă  toutes sortes d’appareils. Le chiffrement assure la confidentialitĂ© des donnĂ©es mais ne protĂšge pas les mĂ©tadonnĂ©es, en particulier la DevAddress qui est l’identifiant de l’appareil allouĂ© par le rĂ©seau LoRa. A cause de la longue portĂ©e des signaux radio et de la nature ouverte du medium sans-fil, ces mĂ©tadonnĂ©es peuvent ĂȘtre aisĂ©ment collectĂ©es et peuvent exposer des informations potentiellement sensibles Ă  propos d’un systĂšme.En plus de la DevAddress, un appareil est aussi identifiĂ© par un DevEUI, un identifiant unique. Contrairement au DevAddress, le DevEUIest statique et il peut ĂȘtre rattachĂ© Ă  un constructeur ou au type de l’appareil. Le DevEUIest donc une source d’information qui pourrait ĂȘtre combinĂ© avec d’autres mĂ©tadonnĂ©es. Cependant, sur le canal radio, le DevEUIest seulement exposĂ© durant la procĂ©dure d’association et n’est jamais directement associĂ© Ă  d’autres identifiant, et en particulier jamais avec le DevAddress.Dans ce document, nous traitons ce problĂšme et prĂ©sentons une mĂ©thode permettant de lier un DevEUI Ă  un DevAddress, et ainsi aux mĂ©tadonnĂ©es associĂ©es. Notre mĂ©thode repose sur une corrĂ©lation temporelle entre les messages Ă©changĂ©s durant la phase d’activation et d’association au rĂ©seau LoRa. Cette mĂ©thode est testĂ©e sur un jeu de traces rĂ©el et un jeu de traces synthĂ©tique. Les rĂ©sultats de simulation obtenus montrent qu’une fraction significative des DevEUI peuventĂȘtre associĂ© Ă  un DevAddress. Nous terminons en proposant des mesures qui pourraient ĂȘtre adoptĂ©es pour empĂȘcher cette attaque

    Embedded Module for WiFi Analysis

    Get PDF
    TĂ©matem tĂ©to bakaláƙskĂ© prĂĄce je vytvoƙenĂ­ kompaktnĂ­ho zaƙízenĂ­, kterĂ© bude napĂĄjeno bateriemi a poslouĆŸĂ­ pro sběr dat pomocĂ­ WiFi. VĂœslednĂĄ data budou zaƙízenĂ­m zpracovĂĄna a uloĆŸena na externĂ­ paměƄ, ze kterĂ© potĂ© poslouĆŸĂ­ k nĂĄslednĂ© analĂœze na vĂœkonnějĆĄĂ­m stroji. AnalĂœza se bude zaměƙovat na počítĂĄnĂ­ aktivnĂ­ch zaƙízenĂ­ v okolĂ­ a celkovou problematikou.The topic of this thesis is to create a compact device that will be powered by batteries and will be used for data collection using WiFi. The resulting data will be processed by the device and stored on external memory, which will then be used for following analysis on a more powerful machine. The analysis will focus on the counting of active devices in the vicinity of the device and overall problematics.460 - Katedra informatikydobƙ

    Defeating MAC address randomization through timing attacks

    No full text
    MAC address randomization is a common privacy protection measure deployed in major operating systems today. It is used to prevent user-tracking with probe requests that are transmitted during IEEE 802.11 network scans. We present an attack to defeat MAC address randomization through observation of the timings of the network scans with an off-the-shelf Wi-Fi interface. This attack relies on a signature based on inter-frame arrival times of probe requests, which is used to group together frames coming from the same device although they use distinct MAC addresses. We propose several distance metrics based on timing and use them together with an incremental learning algorithm in order to group frames. We show that these signatures are consistent over time and can be used as a pseudo-identifier to track devices. Our framework is able to correctly group frames using different MAC addresses but belonging to the same device in up to 75% of the cases. These results show that the timing of 802.11 probe frames can be abused to track individual devices and that address randomization alone is not always enough to protect users against tracking.status: publishe

    Defeating MAC Address Randomization Through Timing Attacks

    No full text
    International audienceMAC address randomization is a common privacy protection measure deployed in major operating systems today.It is used to prevent user-tracking with probe requests that are transmitted during IEEE 802.11 network scans. We present an attack to defeat MAC address randomization through observation of the timings of the network scans with an off-the-shelf Wi-Fi interface. This attack relies on a signature based on inter-frame arrival times of probe requests, which is used to group together frames coming from the same device although they use distinct MAC addresses. We propose several distance metrics based on timing and use them together with an incremental learning algorithm in order to group frames. We show that these signatures are consistent over time and can be used as a pseudo-identifier to track devices. Our framework is able to correctly group frames using different MAC addresses but belonging to the same device in up to 75% of the cases. These results show that the timing of 802.11 probe frames can be abused to track individual devices and that address randomization alone is not always enough to protect users against tracking
    corecore