Probe Request Based Device Identification Attack and Defense

Wi-Fi network has an open nature so that it needs to face greater security risks compared to wired network. The MAC address represents the unique identifier of the device, and is easily obtained by an attacker. Therefore MAC address randomization is proposed to protect the privacy of devices in a Wi-Fi network. However, implicit identifiers are used by attackers to identify user’s device, which can cause the leakage of user’s privacy. We propose device identification based on 802.11ac probe request frames. Here, a detailed analysis on the effectiveness of 802.11ac fields is given and a novel device identification method based on deep learning whose average f1-score exceeds 99% is presented. With a purpose of preventing attackers from obtaining relevant information by the device identification method above, we design a novel defense mechanism based on stream cipher. In that case, the original content of probe request frame is hidden by encrypting probe request frames and construction of probe request is reserved to avoid the finding of attackers. This defense mechanism can effectively reduce the performance of the proposed device identification method whose average f1-score is below 30%. In general, our research on attack and defense mechanism can preserve device privacy better.