Go to DBLP homepageMAC-Layer Traffic Shaping Defense Against WiFi Device Fingerprinting Attacks
Abstract: WiFi networks are vulnerable to statistical traffic analysis attacks, even when a WiFi network is securely encrypted and the attacker is unable to join the network. Many defenses proposed in the literature are inefficient to deal with profiling attacks against WiFi-based Internet-of-Things (IoT) devices, because they burden the Internet traffic with high bandwidth overhead and pose deliberate delay on packet transmission. In this paper, we propose a new MAC-layer packet injection technique where injected dummy packets only exist within the WiFi link between IoT devices and their connected WiFi access point. This traffic shaping defense is effective against data-link device profiling attacks without adding any Internet-side overhead or time delay in legitimate traffic. We evaluated our approach on four WiFi-based IoT devices against a recent privacy attack, and showed the reduction of attack classification accuracy from the original 100% to 54%, close to random guessing..
Loading