Performance Analysis of a Privacy-Preserving Frame Sniffer on a Raspberry Pi

Autor: Dias de Mello Silva, Fernando, Kumar Mishra, Abhishek, Carneiro Viana, Aline, Achir, Nadjib, Fladenmuller, Anne, Luís, Henrique
Přispěvatelé: Universidade Federal do Rio de Janeiro (UFRJ), inTeRnet BEyond the usual (TRiBE ), Inria Saclay - Ile de France, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), Networks and Performance Analysis (NPA), LIP6, Sorbonne Université (SU)-Centre National de la Recherche Scientifique (CNRS)-Sorbonne Université (SU)-Centre National de la Recherche Scientifique (CNRS), This work has been partially funded by the ANR MITIK project, French National Research Agency (ANR), PRC AAPG2019., ANR-19-CE25-0006,Mitik,Génération de traces de mobilité et de contact à partir de mesures passives non intrusives(2019)
Rok vydání: 2022
Předmět:
Zdroj: CSNet 2022-6th Cyber Security in Networking Conference
CSNet 2022-6th Cyber Security in Networking Conference, Oct 2022, Rio de Janeiro, Brazil. ⟨10.1109/CSNet56116.2022.9955615⟩
Popis: International audience; Wi-Fi (IEEE 802.11) networks are an abundant data source that may serve different applications such as epidemic tracking and prevention, disaster response, crowdsensing, or ubiquitous urban services. Nevertheless, collecting and exploiting such data brings many privacy liabilities, considering that each transmitted frame has the MAC address (a unique device identifier) of the corresponding personal device, also considered sensitive information. Literature has shown that the MAC randomization performed by manufacturers of phones is not enough to protect devices' identification. Data obfuscation is a promising solution to avoid storing advertised identifiers of devices and prevent attackers from acquiring sensitive data. Obfuscating such identifiers while also being able to differentiate frames sent by different devices poses a significant challenge for frame capturing by low-resource IoT devices in real-time. This paper illustrates the impact of on-the-fly hashing as an obfuscating measure to protect people's privacy. Since no popular off-the-shelf sniffer (using wireshark or tcpdump) allows for on-the-fly hashing, we build upon the scapy library a custommade sniffer capable of hashing the required data needed to protect user privacy. We demonstrate the viability of this privacypreserving IoT sniffer on a Raspberry Pi platform.
Databáze: OpenAIRE