Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Smartphone User Fingerprinting on Wireless Traffic

Yong Huang, Zhibo Dong, Xiaoguang Yang, Dalong Zhang, Qingxian Wang, Zhihua Wang

TL;DR

This work demonstrates that encrypted Wi-Fi MAC-layer traffic leaks rich information about smartphone usage, enabling passive fingerprinting of apps, in-app actions, and user identities with high accuracy. The authors design U-Print, which combines careful traffic preprocessing, multi-level feature extraction, an open-world capable Temporal Convolutional Network with OpenMax for app/action recognition, and silhouette-based user counting with k-means clustering for identification. Across three custom datasets, U-Print achieves up to 98.4% user identification accuracy and over 86% open-world app/action recognition, validating the feasibility of open-world smartphone fingerprinting from MAC-layer traffic. The study highlights privacy risks in everyday Wi-Fi usage and discusses potential defenses, emphasizing the need for robust protections against MAC-layer fingerprinting and user profiling.

Abstract

Due to the openness of the wireless medium, smartphone users are susceptible to user privacy attacks, where user privacy information is inferred from encrypted Wi-Fi wireless traffic. Existing attacks are limited to recognizing mobile apps and their actions and cannot infer the smartphone user identity, a fundamental part of user privacy. To overcome this limitation, we propose U-Print, a novel attack system that can passively recognize smartphone apps, actions, and users from over-the-air MAC-layer frames. We observe that smartphone users usually prefer different add-on apps and in-app actions, yielding different changing patterns in Wi-Fi traffic. U-Print first extracts multi-level traffic features and exploits customized temporal convolutional networks to recognize smartphone apps and actions, thus producing users' behavior sequences. Then, it leverages the silhouette coefficient method to determine the number of users and applies the k-means clustering to profile and identify smartphone users. We implement U-Print using a laptop with a Kali dual-band wireless network card and evaluate it in three real-world environments. U-Print achieves an overall accuracy of 98.4% and an F1 score of 0.983 for user inference. Moreover, it can correctly recognize up to 96% of apps and actions in the closed world and more than 86% in the open world.

Smartphone User Fingerprinting on Wireless Traffic

TL;DR

This work demonstrates that encrypted Wi-Fi MAC-layer traffic leaks rich information about smartphone usage, enabling passive fingerprinting of apps, in-app actions, and user identities with high accuracy. The authors design U-Print, which combines careful traffic preprocessing, multi-level feature extraction, an open-world capable Temporal Convolutional Network with OpenMax for app/action recognition, and silhouette-based user counting with k-means clustering for identification. Across three custom datasets, U-Print achieves up to 98.4% user identification accuracy and over 86% open-world app/action recognition, validating the feasibility of open-world smartphone fingerprinting from MAC-layer traffic. The study highlights privacy risks in everyday Wi-Fi usage and discusses potential defenses, emphasizing the need for robust protections against MAC-layer fingerprinting and user profiling.

Abstract

Due to the openness of the wireless medium, smartphone users are susceptible to user privacy attacks, where user privacy information is inferred from encrypted Wi-Fi wireless traffic. Existing attacks are limited to recognizing mobile apps and their actions and cannot infer the smartphone user identity, a fundamental part of user privacy. To overcome this limitation, we propose U-Print, a novel attack system that can passively recognize smartphone apps, actions, and users from over-the-air MAC-layer frames. We observe that smartphone users usually prefer different add-on apps and in-app actions, yielding different changing patterns in Wi-Fi traffic. U-Print first extracts multi-level traffic features and exploits customized temporal convolutional networks to recognize smartphone apps and actions, thus producing users' behavior sequences. Then, it leverages the silhouette coefficient method to determine the number of users and applies the k-means clustering to profile and identify smartphone users. We implement U-Print using a laptop with a Kali dual-band wireless network card and evaluate it in three real-world environments. U-Print achieves an overall accuracy of 98.4% and an F1 score of 0.983 for user inference. Moreover, it can correctly recognize up to 96% of apps and actions in the closed world and more than 86% in the open world.

Paper Structure

This paper contains 15 sections, 18 equations, 20 figures, 7 tables.

Table of Contents

  1. Introduction
  2. Threat Model and Feasibility Study
  3. Threat Model
  4. Feasibility Study
  5. System Design
  6. System Overview
  7. Traffic Preprocessing and Feature Extraction
  8. App and Action Recognition
  9. User Profiling and Identification
  10. Evaluation
  11. Evaluation Methodology
  12. Experimental Results
  13. Related Work
  14. Discussion
  15. Conclusion

Figures (20)

  • Figure 1: Threat model.
  • Figure 2: Feasibility study.
  • Figure 3: System overview.
  • Figure 4: Density distributions of statistical features across different actions.
  • Figure 5: App classifier and action classifiers.
  • ...and 15 more figures