MAC Address De-Randomization Using Multi-Channel Sniffers and Two-Stage Clustering
MAC randomization is a widely used technique implemented on most modern smartphones to protect user's privacy against tracking based on Probe Request frames capture. However, there exist weaknesses in such a methodology which may still expose distinctive information, allowing to track the devic...
Gespeichert in:
| Hauptverfasser: | , , , |
|---|---|
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Baccichet, Giovanni Innamorati, Corrado Redondi, Alessandro E. C Cesana, Matteo |
| description | MAC randomization is a widely used technique implemented on most modern
smartphones to protect user's privacy against tracking based on Probe Request
frames capture. However, there exist weaknesses in such a methodology which may
still expose distinctive information, allowing to track the device generating
the Probe Requests. Such techniques, known as MAC de-randomization algorithms,
generally exploit Information Elements (IEs) contained in the Probe Requests
and use clustering methodologies to group together frames belonging to the same
device. While effective on heterogeneous device types, such techniques are not
able to differentiate among devices of identical type and running the same
Operating System (OS). In this paper, we propose a MAC de-randomization
technique able to overcome such a weakness. First, we propose a new dataset of
Probe Requests captured from devices sharing the same characteristics.
Secondly, we observe that the time-frequency pattern of Probe Request emission
is unique among devices and can therefore be used as a discriminative feature.
We embed such a feature in a two-stage clustering methodology and show through
experiments its effectiveness compared to state-of-the-art techniques based
solely on IEs fingerprinting. The original dataset used in this work is made
publicly available for reproducible research. |
| doi_str_mv | 10.48550/arxiv.2408.01578 |
| format | Article |
| fullrecord | <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_2408_01578</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2408_01578</sourcerecordid><originalsourceid>FETCH-arxiv_primary_2408_015783</originalsourceid><addsrcrecordid>eNpjYJA0NNAzsTA1NdBPLKrILNMzMjGw0DMwNDW34GQI8nV0VnBMSSlKLS5WcEnVDUrMS8nPzaxKLMnMz1MILc7MS1fwLc0pydR1zkjMy0vNUQjOy0xLSy0qVgCqVAgpz9cNLklMT1VwziktLkktAqrnYWBNS8wpTuWF0twM8m6uIc4eumDb4wuKMnMTiyrjQa6IB7vCmLAKAA31PKA</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>MAC Address De-Randomization Using Multi-Channel Sniffers and Two-Stage Clustering</title><source>arXiv.org</source><creator>Baccichet, Giovanni ; Innamorati, Corrado ; Redondi, Alessandro E. C ; Cesana, Matteo</creator><creatorcontrib>Baccichet, Giovanni ; Innamorati, Corrado ; Redondi, Alessandro E. C ; Cesana, Matteo</creatorcontrib><description>MAC randomization is a widely used technique implemented on most modern
smartphones to protect user's privacy against tracking based on Probe Request
frames capture. However, there exist weaknesses in such a methodology which may
still expose distinctive information, allowing to track the device generating
the Probe Requests. Such techniques, known as MAC de-randomization algorithms,
generally exploit Information Elements (IEs) contained in the Probe Requests
and use clustering methodologies to group together frames belonging to the same
device. While effective on heterogeneous device types, such techniques are not
able to differentiate among devices of identical type and running the same
Operating System (OS). In this paper, we propose a MAC de-randomization
technique able to overcome such a weakness. First, we propose a new dataset of
Probe Requests captured from devices sharing the same characteristics.
Secondly, we observe that the time-frequency pattern of Probe Request emission
is unique among devices and can therefore be used as a discriminative feature.
We embed such a feature in a two-stage clustering methodology and show through
experiments its effectiveness compared to state-of-the-art techniques based
solely on IEs fingerprinting. The original dataset used in this work is made
publicly available for reproducible research.</description><identifier>DOI: 10.48550/arxiv.2408.01578</identifier><language>eng</language><subject>Computer Science - Networking and Internet Architecture</subject><creationdate>2024-08</creationdate><rights>http://creativecommons.org/licenses/by/4.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,777,882</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/2408.01578$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.2408.01578$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Baccichet, Giovanni</creatorcontrib><creatorcontrib>Innamorati, Corrado</creatorcontrib><creatorcontrib>Redondi, Alessandro E. C</creatorcontrib><creatorcontrib>Cesana, Matteo</creatorcontrib><title>MAC Address De-Randomization Using Multi-Channel Sniffers and Two-Stage Clustering</title><description>MAC randomization is a widely used technique implemented on most modern
smartphones to protect user's privacy against tracking based on Probe Request
frames capture. However, there exist weaknesses in such a methodology which may
still expose distinctive information, allowing to track the device generating
the Probe Requests. Such techniques, known as MAC de-randomization algorithms,
generally exploit Information Elements (IEs) contained in the Probe Requests
and use clustering methodologies to group together frames belonging to the same
device. While effective on heterogeneous device types, such techniques are not
able to differentiate among devices of identical type and running the same
Operating System (OS). In this paper, we propose a MAC de-randomization
technique able to overcome such a weakness. First, we propose a new dataset of
Probe Requests captured from devices sharing the same characteristics.
Secondly, we observe that the time-frequency pattern of Probe Request emission
is unique among devices and can therefore be used as a discriminative feature.
We embed such a feature in a two-stage clustering methodology and show through
experiments its effectiveness compared to state-of-the-art techniques based
solely on IEs fingerprinting. The original dataset used in this work is made
publicly available for reproducible research.</description><subject>Computer Science - Networking and Internet Architecture</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNpjYJA0NNAzsTA1NdBPLKrILNMzMjGw0DMwNDW34GQI8nV0VnBMSSlKLS5WcEnVDUrMS8nPzaxKLMnMz1MILc7MS1fwLc0pydR1zkjMy0vNUQjOy0xLSy0qVgCqVAgpz9cNLklMT1VwziktLkktAqrnYWBNS8wpTuWF0twM8m6uIc4eumDb4wuKMnMTiyrjQa6IB7vCmLAKAA31PKA</recordid><startdate>20240802</startdate><enddate>20240802</enddate><creator>Baccichet, Giovanni</creator><creator>Innamorati, Corrado</creator><creator>Redondi, Alessandro E. C</creator><creator>Cesana, Matteo</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20240802</creationdate><title>MAC Address De-Randomization Using Multi-Channel Sniffers and Two-Stage Clustering</title><author>Baccichet, Giovanni ; Innamorati, Corrado ; Redondi, Alessandro E. C ; Cesana, Matteo</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-arxiv_primary_2408_015783</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Computer Science - Networking and Internet Architecture</topic><toplevel>online_resources</toplevel><creatorcontrib>Baccichet, Giovanni</creatorcontrib><creatorcontrib>Innamorati, Corrado</creatorcontrib><creatorcontrib>Redondi, Alessandro E. C</creatorcontrib><creatorcontrib>Cesana, Matteo</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Baccichet, Giovanni</au><au>Innamorati, Corrado</au><au>Redondi, Alessandro E. C</au><au>Cesana, Matteo</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>MAC Address De-Randomization Using Multi-Channel Sniffers and Two-Stage Clustering</atitle><date>2024-08-02</date><risdate>2024</risdate><abstract>MAC randomization is a widely used technique implemented on most modern
smartphones to protect user's privacy against tracking based on Probe Request
frames capture. However, there exist weaknesses in such a methodology which may
still expose distinctive information, allowing to track the device generating
the Probe Requests. Such techniques, known as MAC de-randomization algorithms,
generally exploit Information Elements (IEs) contained in the Probe Requests
and use clustering methodologies to group together frames belonging to the same
device. While effective on heterogeneous device types, such techniques are not
able to differentiate among devices of identical type and running the same
Operating System (OS). In this paper, we propose a MAC de-randomization
technique able to overcome such a weakness. First, we propose a new dataset of
Probe Requests captured from devices sharing the same characteristics.
Secondly, we observe that the time-frequency pattern of Probe Request emission
is unique among devices and can therefore be used as a discriminative feature.
We embed such a feature in a two-stage clustering methodology and show through
experiments its effectiveness compared to state-of-the-art techniques based
solely on IEs fingerprinting. The original dataset used in this work is made
publicly available for reproducible research.</abstract><doi>10.48550/arxiv.2408.01578</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | DOI: 10.48550/arxiv.2408.01578 |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_arxiv_primary_2408_01578 |
| source | arXiv.org |
| subjects | Computer Science - Networking and Internet Architecture |
| title | MAC Address De-Randomization Using Multi-Channel Sniffers and Two-Stage Clustering |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-17T23%3A46%3A53IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=MAC%20Address%20De-Randomization%20Using%20Multi-Channel%20Sniffers%20and%20Two-Stage%20Clustering&rft.au=Baccichet,%20Giovanni&rft.date=2024-08-02&rft_id=info:doi/10.48550/arxiv.2408.01578&rft_dat=%3Carxiv_GOX%3E2408_01578%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |