Napredna pretraga

Pregled bibliografske jedinice broj: 948821

SSID Oracle Attack on Undisclosed Wi-Fi Preferred Network Lists

Dagelić, Ante; Perković, Toni; Vujatović, Bojan; Čagalj, Mario
SSID Oracle Attack on Undisclosed Wi-Fi Preferred Network Lists // Wireless communications and mobile computing, Volume 2018 (2018), 5153265, 15 doi:10.1155/2018/5153265 (međunarodna recenzija, članak, znanstveni)

SSID Oracle Attack on Undisclosed Wi-Fi Preferred Network Lists

Dagelić, Ante ; Perković, Toni ; Vujatović, Bojan ; Čagalj, Mario

Wireless communications and mobile computing (1530-8669) Volume 2018 (2018); 5153265, 15

Vrsta, podvrsta i kategorija rada
Radovi u časopisima, članak, znanstveni

Ključne riječi
WiFi, SSID, preferred network list, location privacy, dictionary

User’s location privacy concerns have been further raised by today’s WiFi technology omnipresence. Preferred Net- work Lists (PNL) are a particularly interesting source of private location information, as devices are storing a list of previously used hotspots. Privacy implications of a disclosed PNL have been covered by numerous papers, mostly focusing on passive monitoring attacks. Nowadays, however, more and more devices no longer transmit their PNL in clear, thus mitigating passive attacks. Hidden PNLs are still vulnerable against active attacks whereby an attacker mounts a fake SSID hotspot set to one likely contained within targeted PNL. If the targeted device has this SSID in the corresponding PNL, it will automatically initiate a connection with the fake hotspot thus disclosing this information to the attacker. By iterating through different SSIDs (from a predefined dictionary) the attacker can eventually reveal a big part of the hidden PNL. Considering user mobility, executing active attacks usually has to be done within a short opportunity window, while targeting non-trivial SSIDs from user’s PNL. The existing work on active attacks against hidden PNLs often neglects both of these challenges. In this paper we propose a simple mathematical model for analyzing active SSID dictionary attacks, allowing us to optimize the effectiveness of the attack under the above constraints (limited window of opportunity and targeting non-trivial SSIDs). Additionally, we showcase an example method for building an effective SSID dictionary using top-N recommender algorithm and validate our model through simulations and extensive real life tests.

Izvorni jezik

Znanstvena područja


Fakultet elektrotehnike, strojarstva i brodogradnje, Split,
Sveučilište u Splitu Sveučilišni odjel za forenzične znanosti

Časopis indeksira:

  • Current Contents Connect (CCC)
  • Web of Science Core Collection (WoSCC)
    • Science Citation Index Expanded (SCI-EXP)
    • SCI-EXP, SSCI i/ili A&HCI
  • Scopus