Quantifying the Information Leak in IEEE 802.11 Network Discovery

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10866)


Wi-Fi is often the easiest and most affordable way to get a device connected. When a device connects to any Wi-Fi network its identifier (SSID) is stored in the device. These SSIDs are sometimes intentionally exposed to the outside world during periodic network discovery routines. In this paper we quantify the information leak that is present in the current network discovery protocol. Our collected data shows how common it is for a device to leak information and what can be derived from the names of networks a user has connected to in the past. We introduce a way to measure the uniqueness of an entity, which is based on the set of leaked SSID names. We apply previously proposed methods of MAC address randomization reversal on our data and evaluate entity uniqueness. We show how unique SSID names backfire against attempts to obfuscate user devices. Finally we evaluate an existing alternative network discovery scheme that does not leak information.


  1. 1.
    Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. IEEE Std 802.11-2012 (Revision of IEEE Std 802.11-2007), pp. 1–2793, March 2012Google Scholar
  2. 2.
    Barbera, M.V., Epasto, A., Mei, A., Perta, V.C., Stefa, J.: Signals from the crowd: uncovering social relationships through smartphone probes. In: Proceedings of the 2013 Conference on Internet Measurement Conference, IMC 2013, pp. 265–276. ACM, New York (2013).
  3. 3.
    Freudiger, J.: How talkative is your mobile device?: an experimental study of Wi-Fi probe requests. In: Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, WiSec 2015, pp. 8:1–8:6. ACM, New York (2015).
  4. 4.
    Greenstein, B., McCoy, D., Pang, J., Kohno, T., Seshan, S., Wetherall, D.: Improving wireless privacy with an identifier-free link layer protocol. In: Proceedings of the 6th International Conference on Mobile Systems, Applications, and Services, MobiSys 2008, pp. 40–53. ACM, New York (2008).
  5. 5.
    Gruteser, M., Grunwald, D.: Enhancing location privacy in wireless LAN through disposable interface identifiers: a quantitative analysis. In: Proceedings of the 1st ACM International Workshop on Wireless Mobile Applications and Services on WLAN Hotspots, WMASH 2003, pp. 46–55. ACM, New York (2003).
  6. 6.
    Lindqvist, J., et al.: Privacy-preserving 802.11 access-point discovery. In: Proceedings of the Second ACM Conference on Wireless Network Security, WiSec 2009, pp. 123–130. ACM, New York (2009).
  7. 7.
    Martin, J., et al.: A study of MAC address randomization in mobile devices and when it fails. arXiv preprint arXiv:1703.02874 (2017)
  8. 8.
    Matte, C., Cunche, M., Rousseau, F., Vanhoef, M.: Defeating MAC address randomization through timing attacks. In: Proceedings of the 9th ACM Conference on Security & #38; Privacy in Wireless and Mobile Networks, WiSec 2016, pp. 15–20. ACM, New York (2016).
  9. 9.
    Pang, J., Greenstein, B., Gummadi, R., Seshan, S., Wetherall, D.: 802.11 user fingerprinting. In: Proceedings of the 13th Annual ACM International Conference on Mobile Computing and Networking, MobiCom 2007, pp. 99–110, ACM, New York (2007).
  10. 10.
    Riley, S.: Myth vs. reality: wireless SSIDs, October 2007Google Scholar
  11. 11.
    Singelée, D., Preneel, B.: Location privacy in wireless personal area networks. In: Proceedings of the 5th ACM Workshop on Wireless Security, WiSe 2006, pp. 11–18. ACM, New York (2006).
  12. 12.
    Vanhoef, M., Matte, C., Cunche, M., Cardoso, L.S., Piessens, F.: Why MAC address randomization is not enough: an analysis of Wi-Fi network discovery mechanisms. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, ASIA CCS 2016, pp. 413–424. ACM, New York (2016).
  13. 13.
    Waltari, O., Kangasharju, J.: The wireless shark: identifying WiFi devices based on probe fingerprints. In: Proceedings of the First Workshop on Mobile Data, MobiData 2016, pp. 1–6. ACM, New York (2016).

Copyright information

© IFIP International Federation for Information Processing 2018

Authors and Affiliations

  1. 1.Department of Computer ScienceUniversity of HelsinkiHelsinkiFinland

Personalised recommendations