Roksana Boreli

I know who you will meet this evening! Linking wireless devices using Wi-Fi probe requests

Active service discovery in Wi-Fi involves wireless stations broadcasting their Wi-Fi fingerprint, i.e. the SSIDs of their preferred wireless networks. The content of those Wi-Fi fingerprints can reveal different types of information about the owner. We focus on the relation between the fingerprints and the links between the owners. Our hypothesis is that social links between devices owners can be identified by exploiting the information contained in the fingerprint. More specifically we propose to consider the similarity between fingerprints as a metric, with the underlying idea: similar fingerprints are likely to be linked. We first study the performances of several similarity metrics on a controlled dataset and then apply the designed classifier to a dataset collected in the wild. Finally we discuss how Wi-Fi fingerprint can reveal informations on the nature of the links between users. This study is based on a dataset collected in Sydney, Australia, composed of fingerprints corresponding to more than 8000 devices.

Linking Wireless Devices Using Information Contained in Wi-Fi Probe Requests

Abstract Active service discovery in Wi-Fi involves wireless stations broadcasting their Wi-Fi fingerprint, i.e. the SSIDs of their preferred wireless networks. The content of those Wi-Fi fingerprints can reveal different types of information about the owner. We focus on the relation between the fingerprints and the links between the owners. Our hypothesis is that social links between devices’ owners can be identified by exploiting the information contained in the fingerprint. More specifically we propose to consider the similarity between fingerprints as a metric, with the underlying idea: similar fingerprints are likely to be linked. We first study the performances of several similarity metrics on a controlled dataset and then apply the designed classifier to a dataset collected in the wild. Finally we discuss potential countermeasures and propose a new one based on geolocation. This study is based on a dataset collected in Sydney, Australia, composed of fingerprints belonging to more than 8000 devices.

Network-level security and privacy control for smart-home IoT devices

The increasing uptake of smart home appliances, such as lights, smoke-alarms, power switches, baby monitors, and weighing scales, raises privacy and security concerns at unprecedented scale, allowing legitimate and illegitimate entities to snoop and intrude into the familys activities. In this paper we first illustrate these threats using real devices currently available in the market. We then argue that as more such devices emerge, the attack vectors increase, and ensuring privacy/security of the house becomes more challenging. We therefore advocate that device-level protections be augmented with network-level security solutions, that can monitor network activity to detect suspicious behavior. We further propose that software defined networking technology be used to dynamically block/quarantine devices, based on their network activity and on the context within the house such as time-of-day or occupancy-level. We believe our network-centric approach can augment device-centric security for the emerging smart-home.

An experimental study of security and privacy risks with emerging household appliances

Smart household appliances, ranging from light-bulbs and door-locks to power switches and smoke-alarms, are rapidly emerging in the marketplace, with predictions that over 2 billion devices will be installed within the next four years. However, security implementations vary widely across these devices, while privacy implications are unclear to users. In this paper we dissect the behavior of a few household devices, specifically the Phillips Hue light-bulb, the Belkin WeMo power switch, and the Nest smoke-alarm, and highlight the ease with which security and privacy can be compromised. We then propose a new solution to protect such devices by restricting access at the network-level. Our solution does not require changes from device manufacturers, reduces burden on the end-users, and allows security to be offered as an overlay service by the ISP or from a specialist provider in the cloud.

DAPS: Intelligent delay-aware packet scheduling for multipath transport

The increasing heterogeneity and asymmetry in wireless network environments makes QoS guarantees in terms of delays and throughput a challenging task. In this paper, we study a novel scheduling algorithm for multipath transport called Delay Aware Packet Scheduling (DAPS) which aims to reduce the receivers buffer blocking time considered as a main parameter to enhance the QoS in wireless environments. We develop an analytical model of maximum receivers buffer blocking time and extend the DAPS algorithm considering implementation issues. Performance evaluations based on ns-2 simulations highlight the enhanced QoS that DAPS can provide. With reference to the classical multipath transport protocol CMT-SCTP, we observe a significant reductions of the receivers buffer occupancy, down by 77%, and the application delay, down by 63%.

Trusted routing for VANET

Trust establishment in VANET is a particularly challenging task due to the lack of infra-structure, openness of wireless links and the usually highly dynamic network topology. To overcome these difficulties, we propose a trusted routing framework that provides message authentication, node-to-node trust and routability verification, without online assistance of Certificate Authorities (CA). Our approach prevents identity impersonation, false link availability indication by compromised nodes as well as some of routing protocol specific misbehaviours. By applying this framework to the Optimised Link State Routing Protocol (OLSR), we demonstrate how this mechanism can be used to establish trusted routes.

Inferring user relationship from hidden information in WLANs

With ever increasing usage of handheld devices and vast deployment of wireless networks, we observe that it is possible to collect data from mobile devices and reveal personal relationships of their owners. In the paper, we exploit the hidden information collected from WLAN devices and infer individual relationships between device pairs based on three observation dimensions: network association history, physical proximity and spatio-temporal behavior. By measuring WLAN data, we demonstrate that device owners with social relationship tend to share access points, or show similar behavior patterns in wireless communications (e.g. go to the same place periodically to access the same WLAN network). These results can be exploited for various network analytic purposes.

Applying Differential Privacy to Matrix Factorization

Recommender systems are increasingly becoming an integral part of on-line services. As the recommendations rely on personal user information, there is an inherent loss of privacy resulting from the use of such systems. While several works studied privacy-enhanced neighborhood-based recommendations, little attention has been paid to privacy preserving latent factor models, like those represented by matrix factorization techniques. In this paper, we address the problem of privacy preserving matrix factorization by utilizing differential privacy, a rigorous and provable privacy preserving method. We propose and study several approaches for applying differential privacy to matrix factorization, and evaluate the privacy-accuracy trade-offs offered by each approach. We show that input perturbation yields the best recommendation accuracy, while guaranteeing a solid level of privacy protection.

Big friend is watching you: analyzing online social networks tracking capabilities

In this paper, we examine web user tracking capabilities of the three major global Online Social Networks (OSNs). We study the mechanisms which enable these services to persistently and accurately follow users web activity, and evaluate to which extent this phenomena is spread across the web. Through a study of the top 10K websites, our findings indicate that OSN tracking is diffused among almost all website categories, independently from the content and from the audience. We also evaluate the tracking capabilities in practice and demonstrate by analyzing a real traffic traces that OSNs can reconstruct a significant portion of users web profile and browsing history. We finally provide insights into the relation between the browsing history characteristics and the OSN tracking potential, highlighting the high risk properties.

Mitigating Receiver's Buffer Blocking by Delay Aware Packet Scheduling in Multipath Data Transfer

Reliable in order multipath data transfer under asymmetric heterogeneous network conditions has known problems related to receivers buffer blocking, caused by out of order packet arrival. Several mitigation techniques have been proposed to address this issue mostly by using various packet retransmission schemes, load-balancing and bandwidth-estimation based mechanisms. In comparison to the existing reactive techniques for buffer block mitigation, we propose a novel and yet simpler to implement, delay aware packet scheduling scheme for multipath data transfer over asymmetric network paths, that proactively minimizes the blocking inside receivers buffer. Our initial simulation results show that, in comparison to the default round robin packet scheduler, by using our proposed delay aware packet scheduling scheme, we can significantly improve overall performance while notably minimizing the receivers buffer usage, which is also beneficial for multi-homed hand-held mobile devices with limited buffering capacity, which, due to their multi-homing and heterogeneous wireless network features (i.e. availability of 3G and Wi-Fi) are also one of the most common use cases for multi-path transport.