An Experimental Evaluation of the Computational Cost of a DPI Traffic Classifier

A common belief in the scientific community is that traffic classifiers based on deep packet inspection (DPI) are far more expensive in terms of computational complexity compared to statistical classifiers. In this paper we counter this notion by defining accurate models for a deep packet inspection classifier and a statistical one based on support vector machines, and by evaluating their actual processing costs through experimental analysis. The results suggest that, contrary to the common belief, a DPI classifier and an SVM-based one can have comparable computational costs. Although much work is left to prove that our results apply in more general cases, this preliminary analysis is a first indication of how DPI classifiers might not be as computationally complex, compared to other approaches, as we previously though

AntiSense: Standard-compliant CSI obfuscation against unauthorized Wi-Fi sensing

Channel State Information (CSI)-based localization with 802.11 has been proven feasible in multiple scenarios and is becoming a serious threat to people's privacy in workplaces, at home, and maybe even outdoors. Countering unauthorized localization without hampering communications is a non-trivial task, although some very recent works suggest that it is feasible with marginal modification of the 802.11 transmission chain, but this requires modifying 802.11 devices. Furthermore, if the attacker controls two devices and not just a receiver, transmission side signal manipulation cannot help. This work explores the possibility of countering CSI based localization with an active device that, instead of jamming signals to avoid that a malicious receiver exploits CSI information to locate a person, superimpose on frames a copy of the same frame signal whose goal is not destroying reception as in jamming, but only obfuscate the location-relevant information carried by the CSI. A prototype implementation and early results look promising; they show the feasibility of location obfuscation with high efficiency and excellent preservation of communication performance, and indicate that the technique works both against passive attacks, where the attacker controls only a receiver, and active ones, where he/she controls both a transmitter and a receiver. These results pave the road for further research on smart spaces that preserve users’ privacy with a technical solution and not only via legal prescriptions

On the properties of device-free multi-point CSI localization and its obfuscation

The use of Channel State Information (CSI) as a means of sensing the environment through Wi-Fi communications, and in particular to locate the position of unaware people, was proven feasible several years ago and now it is moving from feasibility studies to high precision applications, thus posing a serious threat to people's privacy in workplaces, at home, and maybe even outdoors. The work we present in this paper explores how the use of multiple localization receivers can enhance the precision and robustness of device-free CSI-based localization with a method based on a state-of-the-art Convolutional Neural Network. Furthermore, we explore the effect of the inter-antenna distance on localization, both with multiple receivers and with a single MIMO receiver. Next we discuss how a randomized pre-filtering at the transmitter can hide the information that the CSI carries on the location of one person indoor. We formalize the pre-filtering as a per-frame, per-subcarrier amplitude multiplication based on a Markovian stochastic process, and we discuss different signal clipping and smoothing methods highlighting the existence of a trade-off between communication performance and obfuscation efficiency. The methodology can in any case guarantee almost unhampered communications with very good localization obfuscation. Results are presented discussing two different ways of exploiting the multi-receiver or multi-antenna redundancy and how, in any case, properly randomized pre-distortion at the transmitter can prevent localization even if the attack is carried out with multiple localization devices (receivers controlled by the attacker) and not only with a multi-antenna (MIMO) receiver

Comparing P2PTV Traffic Classifiers

Peer-to-Peer IP Television (P2PTV) applications represent one of the fastest growing application classes on the Internet, both in terms of their popularity and in terms of the amount of traffic they generate. While network operators require monitoring tools that can effectively analyze the traffic produced by these systems, few techniques have been tested on these mostly closed-source, proprietary applications. In this paper we examine the properties of three traffic classifiers applied to the problem of identifying P2PTV traffic. We report on extensive experiments conducted on traffic traces with reliable ground truth information, highlighting the benefits and shortcomings of each approach. The results show that not only their performance in terms of accuracy can vary significantly, but also that their usability features suggest different effective aspects that can be integrate

Integrating CSI Sensing in Wireless Networks: Challenges to Privacy and Countermeasures

The path toward 6G is still long and blurred, but a few key points seem to be already decided: integration of many different access networks; adoption of massive MIMO technologies; use of frequencies above current radio spectrum up to THz and beyond; and inclusion of artificial intelligence and machine learning in standard management and operations. One additional point that is less discussed, but seems key for success, is the advanced use of channel state information (CSI) for both equalization and decoding purposes as well as for sensing ones. CSI-based sensing promises a plethora of new applications and a quantum leap in service personalization and customer-centric network management. At the same time, CSI analysis, being based on the physical characteristics of the propagated signal, poses novel threats to people's privacy and security: No software-based solution or cryptographic method above the physical layer can prevent the analysis of CSI. CSI analysis can reveal people's position or activity, allow tracking them, and discover details on the environment that today can be seen only with cameras or radars. In this article, we discuss the current status of CSI-based sensing and present some technologies that can protect people's privacy and at the same time allow legitimate use of the information carried by the CSI to offer better services

On the Implementation of Location Obfuscation in openwifi and Its Performance

Wi-Fi sensing as a side-effect of communications is opening new opportunities for smart services integrating communications with environmental properties, first and foremost the position of devices and people. At the same time, this technology represents an unprecedented threat to people’s privacy, as personal information can be collected directly at the physical layer without any possibility to hide or protect it. Several works already discussed the possibility of safeguarding users’ privacy without hampering communication performance. Usually, some signal pre-processing at the transmitter side is needed to introduce pseudo-random (artificial) patterns in the channel response estimated at the receiver, preventing the extraction of meaningful information from the channel state. However, there is currently just one implementation of such techniques in a real system (openwifi), and it has never been tested for performance. In this work, we present the implementation of a location obfuscation technique within the openwifi project that enables fine manipulation of the radio signal at transmitter side and yields acceptable, if not good, performance. The paper discusses the implementation of the obfuscation subsystem, its performance, possible improvements, and further steps to allow authorized devices to “de-obfuscate” the signal and retrieve the sensed information

GT: Picking up the Truth from the Ground for Internet Traffic

Much of Internet traffic modeling, firewall, and intrusion detection research requires traces where some ground truth regarding application and protocol is associated with each packet or flow. This paper presents the design, development and experimental evaluation of gt, an open source software toolset for associating ground truth information with Internet traffic traces. By probing the monitored host's kernel to obtain information on active Internet sessions, gt gathers ground truth at the application level. Preliminary exper- imental results show that gt's effectiveness comes at little cost in terms of overhead on the hosting machines. Furthermore, when coupled with other packet inspection mechanisms, gt can derive ground truth not only in terms of applications (e.g., e-mail), but also in terms of protocols (e.g., SMTP vs. POP3

LTE/Wi-Fi Co-existence under Scrutiny: An Empirical Study

Mobile operators are seeking to increase network capacity by extending Long Term Evolution (LTE) cellular operation into unlicensed frequency bands. While these efforts may respond to the projected exponential growth in mobile data traffic, significant concerns exist about the harmonious co-existence of LTE with incumbent Wi-Fi deployments. In this paper we characterise experimentally the LTE and Wi-Fi behaviour when sharing the same spectrum while operating under a broad range of network conditions. Specifically, we deploy a test bed with commodity Wi-Fi hardware and low-cost software-defined radio equipment running an open-source LTE stack. We investigate the user-level performance attainable over these technologies when employing different settings, including LTE duty cycling patterns, Wi-Fi offered loads, transmit power levels, modulation and coding schemes, and packet sizes. We show that co-existence is feasible without modifications to the Wi-Fi stack, if LTE periodically employs "silent" sub-frames; however, optimising the performance of both requires non-trivial tuning of multiple parameters in conjunction with close monitoring of Wi-Fi operation and detection of application-specific requirements. Our findings lay the foundations for coherent design of practical LTE/Wi-Fi co-existence mechanisms