• No se han encontrado resultados

slides

N/A
N/A
Info
Descargar
Protected

Academic year: 2023

Share "slides"

Copied!
13
0
0

Cargando.... (Ver texto completo ahora)

Descargar ahora ( 13 página )

Texto completo

(1)

Wi-Fi Internet connectivity and privacy:

hiding your tracks on the wireless Internet

IEEE CSCN 2015 October, 30 2015

Carlos J. Bernardos – Universidad Carlos III de Madrid Juan C. Zúñiga – InterDigital

(2)

2

Outline

Introduction

Background and Problem Statement

Layer-2 Address Randomization

Experimental Evaluation

Context-aware Address Randomization

Standardization Efforts

Conclusions and Future Work

(3)

Introduction

Internet privacy is becoming a huge concern

Wireless users can be easily tracked

Privacy issues affect all protocol layers

We focus on threats at the connectivity level

Layer-2 and Layer-3

Layer-2 address randomization

Experimentally assessed during IETF meetings

(4)

4

Background and PS (I)

Who are you?

bob@

example.com

18-77-D3-31-C9-E1 ==

[email protected]

IEEE 802-based interfaces are easy to track

(5)

Background and PS (II)

An IEEE 802.11 station exposes its L2 address

When actively scanning for available networks

Once associated, in frame TX & RX

IPv6 address auto-configuration may make L2 identifiers visible to all L3 peers

Temporary addresses (RFC 4191)

Opaque IIDs (RFC 7217)

These solutions do not solve all the problems

(6)

6

Layer-2 Address Randomization (I)

Randomizing the L2

address makes tracking more difficult

We have experimentally validated and assessed it

Analysis of existing OSes’

support to conduct address randomization

Evaluate its effect on users and the network

Conducted experiments at IEEE and IETF meetings

Connected to a network? Periodic MAC address change START WiFi

INTERFACE

Handover to a new network?

MAC address change No

Yes

Yes

No

https://oruga.it.uc3m.es/802-privacy/index.php/MAC address change tutorial

(7)

Experimental Evaluation (I)

Real-life experiments during IETF meetings

IETF 91: A specific SSID (ietf-PrivRandMAC) was deployed on the wireless Internet infrastructure

IETF 92: Deployed on all IETF physical Access Points (no isolated ESSID)

WLAN address randomization scripts developed and provided for 4 different OSes: Linux,

Mac OS X, MS Windows and Android

Use of DHCP client identifier for debugging

(8)

8

Experimental Evaluation (II)

5

12

3 2 3 2

38

9

4

8 10

5

0 5 10 15 20 25 30 35 40

Number of MAC addresses per IP address, for those IPs that were assigned to multiple local MAC addresses (IETF 91)

(9)

Experimental Evaluation (III)

2 3

2 6

5

3 9

2 3

4 3

2 2 2 2

3 3

5

2 3

2

0 1 2 3 4 5 6 7 8 9 10

(10)

10

Context-aware Address Randomization

MAC addresses can also be leaked by other protocols (e.g., DNA)

L2 address randomization is a powerful tool

Always-on/off privacy policies are not enough

Access lists based on L2 addresses

Privacy configuration should be influenced by the context of the user

E.g., visible networks, geo location, etc.

(11)

Standardization Efforts

Internet privacy is a priority item for the IETF, the Internet Architecture Board (IAB), and the Internet Society

IAB Statement on Internet Confidentiality

Privacy implications on DHCP protocols

Use of the hostname in different protocols

IEEE 802 Privacy Executive Committee (EC) Study Group (SG) was created in July 2014

Specification work will be done in IEEE 802E

(12)

12

Conclusions & Future Work

Privacy issues due to the use of L2 addresses

L2 address randomization provides some mitigation against privacy

Experiments conducted in large networks

Now permanent at IETF & IEEE 802 meetings

Implementations in products

E.g.: Microsoft Windows 10, iOS 8 & 9

Privacy tools should not work in isolation

(13)

Wi-Fi Internet connectivity and privacy:

hiding your tracks on the wireless Internet

IEEE CSCN 2015 October, 30 2015

Carlos J. Bernardos – Universidad Carlos III de Madrid Juan C. Zúñiga – InterDigital

Referencias

Descargar ahora ( PDF - 13 página - 1.16 MB )

Documento similar

e-Portfolio: Java technology for financial applications on the Internet

The optimization module can be used in different manners: on one hand, a new investor can start from the universe of all funds available for trading and thereupon make a selection

The Web 2.0 Internet: Democratized internet collaborations in the healthcare sector

Many similar major contributions are made by other studies, including study: #2, that provides a comprehensive definition of Medicine 2.0 and an exhaustive review of the field;

Flow-concurrence and bandwidth ratio on the Internet

In practical terms, this means that when it comes the time to estimate the flow ratio, instead of observing the values of Figure 1, network managers aware of protocol shares in

Internet

La intersubjetividad garantiza que los conocimientos que tengo como sujeto de conocimiento también son válidos para las demás personas y que el conocimiento que tengo de

Greening the Internet: Energy-Optimal File Distribution.

The goodness metric we have used in order to compare the energy consumption of different file distribution schemes is energy per bit, computed as the ratio of the total amount of

Testing inclusive interdisciplinary models on Internet dependence in Youth. New associated variables

quantitative and qualitative techniques, only the data of the quantitative analysis is presented to predict the variable dependence on Internet and conceptual

The risks faced by adolescents on the Internet: minors as actors and victims of the dangers of the Internet

There are remarkable differences across age groups in the perception of the risk situations related to the school mobbing or online harassment of different types: adolescents

From prosumers to observers: an emergent trend on the Internet and among Young Ecuadorians. Results from the World Internet Project study, Ecuador

This study, which is part of the international network of researchers from World Internet Project (WIP), explores the Internet influence in social, political, cultural and