Abstract
Modern data communication paradigm involves many unsolicited data transmissions that poses privacy issues given the proliferation of big data and artificial intelligence (A.I.). In 802.x protocol which dominate wireless communication; Wi-Fi enabled devices voluntarily embed devices MAC address during SSID discovery when connecting to access point (AP). Such vulnerability has been massively exploited for unauthorized devices tracking without user consents. This paper proposed an opportunistic attendance taking system (OATA) using MAC address probing as a proof of concepts to demonstrate the significance of this exploit. The intuition is that student’s attendance can be implied based on the MAC address of their mobile devices when approaching lecture hall installed with AP(s). The body of this work focuses on comparing the OATA to some prominent attendance taking methods in pervasiveness and accuracy. For the operational hypothesis, a non-synthetic dataset is used for experimental evaluation to simulate realness and to minimize hawthorn effect. OATA is designed to circumvent MAC address randomization that is used on modern IOS and Android OS for accurate tracking. The experimental results showed that OATA is highly accurate at capturing device’s presence; achieving true positive rate (TPr) of 0.938 and false positive rate (FPr) of 0.063 with fast convergence time. The significance of this study highlight the concerns that big data coupled with increasingly intelligent A.I. can divulge more information than originally intended. Consequently, user’s privacy is compromised as their personal communication devices are demonstrated to be potentially exploited for unsolicited location tracking.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Gruschka, N., Mavroeidis, V., Vishi, K., Jensen, M.: Privacy issues and data protection in big data: a case study analysis under GDPR. In: 2018 IEEE International Conference on Big Data (Big Data), Seattle, WA, USA, pp. 5027–5033 (2018)
Dev Mishra, A., Beer Singh, Y.: Big data analytics for security and privacy challenges. In: 2016 International Conference on Computing, Communication and Automation (ICCCA), Noida, pp. 50–53 (2016)
Chinw’s e-wallet success is an example for Southeast Asia players. https://www.techinasia.com/ewallets-china-southeast-asia-learn. Accessed 15 June 2019
Miao, M., Jayakar, K.: Mobile payments in Japan, South Korea and China: cross-border convergence or divergence of business models? Telecommun. Policy 40(2–3), 182–196 (2016)
Number of smartphone users worldwide from 2014 to 2020 (in billions). https://www.statista.com/statistics/330695/number-of-smartphone-users-worldwide/. Accessed 15 June 2019
Khatoon, A., Corcoran, P.: Privacy concerns on Android devices. In: IEEE International Conference on Consumer Electronics (ICCE), Las Vegas, NV, pp. 149–152 (2017)
Sahnoune, Z., Aïmeur, E., Haddad, G.E., Sokoudjou, R.: Watch Your Mobile Payment: An Empirical Study of Privacy Disclosure, IEEE Trustcom/BigDataSE/ISPA, Helsinki, pp. 934–941 (2015)
Hellebrandt, M., Mathar, R.: Location tracking of mobiles in cellular radio networks. IEEE Trans. Veh. Technol. 48(5), 1558–1562 (1999)
Mihaylova, L., Angelova, D., Honary, S., Bull, D.R., Canagarajah, C.N., Ristic, B.: Mobility tracking in cellular networks using particle filtering. IEEE Trans. Wirel. Commun. 6(10), 3589–3599 (2007)
Zaidi, Z.R., Mark, B.L.: Real-time mobility tracking algorithms for cellular networks based on Kalman filtering. IEEE Trans. Mob. Comput. 4(2), 195–208 (2005)
Schilit, B., Hong, J., Gruteser, M.: Wireless location privacy protection. Computer 36(12), 135–137 (2003)
Smith, M., Szongott, C., Henne, B., von Voigt, G.: Big data privacy issues in public social media. In: 6th IEEE International Conference on Digital Ecosystems and Technologies (DEST), Campione d’Italia, pp. 1–6 (2012)
Li, M., Zhu, H., Gao, Z., Chen, S., Yu, L., Hu, S., Ren, K.: All your location are belong to us: breaking mobile social networks for automated user location tracking. In: Proceedings of the 15th ACM International Symposium on Mobile Ad Hoc Networking and Computing, Philadelphia, Pennsylvania, USA, pp. 43–52 (2014)
Yun, H., Han, D., Lee, C.C.: Understanding the use of location-based service applications: do privacy concerns matter? J. Electr. Commer. Res. 14(3), 215–230 (2013)
24 Best GPS Tracking Apps for Android. https://www.redbytes.in/top-10-best-gps-tracking-apps-for-android/. Accessed 15 June 2019
Chen, Y., Luo, R.: Design and implementation of a WiFi-based local locating system. In: IEEE International Conference on Portable Information Devices, Orlando, FL, pp. 1–5 (2007)
Sakib, M.N., Halim, J.B., Huang, C.: Determining location and movement pattern using anonymized WiFi access point BSSID. In: 7th International Conference on Security Technology, Haikou, pp. 11–14 (2014)
Alshamaa, D., Mourad-Chehade, F., Honeine, P.: Mobility-based tracking using WiFi RSS in indoor wireless sensor networks. In: 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS), Paris, pp. 1–5 (2018)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Aun, Y., Gan, ML., Khaw, YM.J. (2020). Automatic Attendance Taking: A Proof of Concept on Privacy Concerns in 802.11 MAC Address Probing. In: Anbar, M., Abdullah, N., Manickam, S. (eds) Advances in Cyber Security. ACeS 2019. Communications in Computer and Information Science, vol 1132. Springer, Singapore. https://doi.org/10.1007/978-981-15-2693-0_20
Download citation
DOI: https://doi.org/10.1007/978-981-15-2693-0_20
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-2692-3
Online ISBN: 978-981-15-2693-0
eBook Packages: Computer ScienceComputer Science (R0)