UNVEIL: Capture and Visualise WiFi Data Leakages

In the past few years, numerous privacy vulnerabilities have been discovered in the WiFi standards and their implementations for mobile devices. These vulnerabilities allow an attacker to collect large amounts of data on the device user, which could be used to infer sensitive information such as religion, gender, and sexual orientation. Solutions for these vulnerabilities are often hard to design and typically require many years to be widely adopted, leaving many devices at risk. In this paper, we present UNVEIL - an interactive and extendable platform to demonstrate the consequences of these attacks. The platform performs passive and active attacks on smartphones to collect and analyze data leaked through WiFi and communicate the analysis results to users through simple and interactive visualizations. The platform currently performs two attacks. First, it captures probe requests sent by nearby devices and combines them with public WiFi location databases to generate a map of locations previously visited by the device users. Second, it creates rogue access points with SSIDs of popular public WiFis (e.g. _Heathrow WiFi, Railways WiFi) and records the resulting internet traffic. This data is then analyzed and presented in a format that highlights the privacy leakage. The platform has been designed to be easily extendable to include more attacks and to be easily deployable in public spaces. We hope that UNVEIL will help raise public awareness of privacy risks of WiFi networks.

[1]  Ismail Güvenç,et al.  Indoor occupancy tracking in smart buildings using passive sniffing of probe requests , 2016, 2016 IEEE International Conference on Communications Workshops (ICC).

[2]  Xinwen Fu,et al.  The Digital Marauder's Map: A New Threat to Location Privacy , 2009, 2009 29th IEEE International Conference on Distributed Computing Systems.

[3]  Narseo Vallina-Rodriguez,et al.  Haystack: In Situ Mobile Traffic Analysis in User Space , 2015, ArXiv.

[4]  Mathieu Cunche,et al.  Defeating MAC Address Randomization Through Timing Attacks , 2016, WISEC.

[5]  Ravishankar Borgaonkar,et al.  Mobile Subscriber WiFi Privacy , 2017, 2017 IEEE Security and Privacy Workshops (SPW).

[6]  Mathieu Cunche,et al.  Wombat: An experimental Wi-Fi tracking system , 2017 .

[7]  Jonathon A. Chambers,et al.  A look into the information your smartphone leaks , 2017, 2017 International Symposium on Networks, Computers and Communications (ISNCC).

[8]  Miguel Rio,et al.  Your WiFi is leaking: What do your mobile apps gossip about you? , 2018, Future Gener. Comput. Syst..

[9]  Mathieu Cunche,et al.  Spread of MAC address randomization studied using locally administered MAC addresses use historic , 2018 .

[10]  Burkhard Stiller,et al.  Probr - A Generic and Passive WiFi Tracking System , 2016, 2016 IEEE 41st Conference on Local Computer Networks (LCN).

[11]  Erik C. Rye,et al.  A Study of MAC Address Randomization in Mobile Devices and When it Fails , 2017, Proc. Priv. Enhancing Technol..