2021
DOI: 10.2478/popets-2021-0042
|View full text |Cite
|
Sign up to set email alerts
|

Three Years Later: A Study of MAC Address Randomization In Mobile Devices And When It Succeeds

Abstract: Mobile device manufacturers and operating system developers increasingly deploy MAC address randomization to protect user privacy and prevent adversaries from tracking persistent hardware identifiers. Early MAC address randomization implementations suffered from logic bugs and information leakages that defeated the privacy benefits realized by using temporary, random addresses, allowing devices and users to be tracked in the wild. Recent work either assumes these implementation flaws continue to exist in moder… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

2
24
0
1

Year Published

2022
2022
2024
2024

Publication Types

Select...
4
2
2

Relationship

0
8

Authors

Journals

citations
Cited by 45 publications
(27 citation statements)
references
References 11 publications
2
24
0
1
Order By: Relevance
“…We extend their work by evaluating modern devices supporting wider bandwidth channels, and additionally show two-meter level accuracy can be achieved on low-multipath 20 MHz bandwidth channels, matching evaluation results obtained in [11]. Furthermore, even though Wi-Fi MAC address randomization has been studied at length [12,28,47], and countermeasures to deanonymization and tracking mechanisms were proposed (e.g., randomization of sequence numbers) [36], we find these have not seen their adoption in protocols such as Wi-Fi FTM. Next, researchers have shown fingerprinting techniques to uniquely identify Wi-Fi cards [44,50,55], and in [14], the authors performed fingerprinting by including Wi-Fi FTM configuration parameters.…”
Section: Related Worksupporting
confidence: 54%
See 1 more Smart Citation
“…We extend their work by evaluating modern devices supporting wider bandwidth channels, and additionally show two-meter level accuracy can be achieved on low-multipath 20 MHz bandwidth channels, matching evaluation results obtained in [11]. Furthermore, even though Wi-Fi MAC address randomization has been studied at length [12,28,47], and countermeasures to deanonymization and tracking mechanisms were proposed (e.g., randomization of sequence numbers) [36], we find these have not seen their adoption in protocols such as Wi-Fi FTM. Next, researchers have shown fingerprinting techniques to uniquely identify Wi-Fi cards [44,50,55], and in [14], the authors performed fingerprinting by including Wi-Fi FTM configuration parameters.…”
Section: Related Worksupporting
confidence: 54%
“…That is, when sequence numbers are sequential, it becomes trivial to link distinct MAC addresses despite their address randomization. While researchers have correlated sequence numbers before [12,36], we find the problem persists beyond the traditional use cases of MAC address randomization (e.g., scanning for networks). That is, in practice we find the sequence number counters are not properly managed for protocols requiring address randomization, and these shortcomings become more severe in the con-text of privacy-sensitive protocols such as Wi-Fi FTM.…”
Section: Correlation Of Sequence Numbersmentioning
confidence: 94%
“…Probe requests in network discovery have distinguishable patterns despite using MAC randomization because of inconsistencies between implementations of the feature [1]. For example, a device may change only the last three bytes of its MAC address while another device only changes the locally administered bit in the MAC address.…”
Section: Patterns In Wi-fi Discovery Eventsmentioning
confidence: 99%
“…These configuration parameters create patterns because they determine the delay for each probe, how many bursts of probes are transmitted on a channel, and how many probes are sent in each burst. MAC randomization implementations create additional patterns because of variance in how often they change MAC addresses and when transmitting probe requests containing changed addresses [1]. To develop a time-based defense while MAC randomization is in use, adding jitter to ProbeDelay on each transmission becomes necessary to hide the pattern embedded in the IFATs.…”
Section: Patterns In Wi-fi Discovery Eventsmentioning
confidence: 99%
“…Even though there are works that study this randomization [278]- [281], the study within this field requires more work by the scientific community to obtain a policy that allows the security and privacy of the user, but that allows obtaining an estimate of the number of mobile devices in a room for its correct optimization and use.…”
Section: Contribution To Enhancing the Cognitive Capability Of Its Us...mentioning
confidence: 99%