280 likes | 448 Views
Track Me If You Can: On the Effectiveness of Context-based Identifier Changes in Deployed Mobile Network s (2012). Laurent Bindschaedler, Igor Bilogrevic,Jean-Pierre Hubaux (EPFL, Switzerland) Murtuza Jadliwala (Wichita State University, USA)
E N D
Track Me If You Can: On the Effectiveness of Context-based Identifier Changes in Deployed Mobile Networks (2012) Laurent Bindschaedler, Igor Bilogrevic,Jean-Pierre Hubaux (EPFL, Switzerland) Murtuza Jadliwala (Wichita State University, USA) Imad Aad, Philip Ginzboorg, Valtteri Niemi (nokia.com) Presented by Santiago Vera
Presentation Outline • Introduction • The Goal • System Model • Data collection and Processing • Tracking Framework and Algorithms • Empirical Results and Evaluation • Conclusion
Device-to-device Introduction
Pervasive Communication Systems • Static identifiers Source:
Pervasive Communication Systems • Static identifiers Source:
How the privacy can be protected? • Replace device identifiers with short live identifiers (pseudonyms) • Mix-zones: spatio-temporal regions where pseudonyms of users can change or mixed to provide de-correlation between pseudonyms and devices (Beresford and Stajano[9]) • TMSI Santiago Puppy Kitty Monkey
The Goal • To Evaluate mix-zones and context-based identifier-change mechanisms by means of a real on-campus mobile network deployment.
System Model • Mobile Network Model and Deployment http://conversations.nokia.com/2010/05/25/nokia-instant-community-gets-you-social/
Nokia Instant Community (NIC) • Multi-hop P2P network based on IEEE 802.11 • Publish-subscribe messaging • Communities NIC trial • 80 volunteers • Students and staff in EPFL campus for 4 months. (2011) • Nokia N900 smartphones with NIC. • Log everything
Pseudonym Change Algorithm (PCA) • Change pseudonym: context-based and at fixed intervals (random) - Mix-zones (regions, change identifiers) • Mix request, others users also change pseudonyms • To prevent network performance, limit # pseudonyms • MAC address Alice John Bob Mary
Adversary Model and Deployment • Passive • Eavesdrops by mesh network ( 37 wireless routers or APs) of sniffing stations • Weaker than Dolev-Yao model • No access to any device • Amount of data • Reconstruction attack
Presentation Outline • Introduction • The Goal • System Model • Data collection and Processing • Tracking Framework and Algorithms • Empirical Results and Evaluation • Conclusion
Tracking Model • Finite state first order Markov Chain • Where there is States S S= state space s=each state s=(pseudonym, first event, last event) • Transition probability P: S x S [0,1] (user invariant) - Validity - Time monotonicity
Adversarial Tracking Strategies • L-WALK Perform a walk in the state space such that the next state candidate with the highest probability is selected at every step(the walk is locally optimal) • G-WALK Perform a walk in the state space such the probability over the entire walk is maximized over all walks. (the walk is globally optimal)
To Estimate Transition Probabilities by using two heuristics • Common sniffing stations The higher # of common sniffing stations between the current state and the next state candidate, the higher the probability of transitioning. • Speed matching The closer the user speeds between the current state and the next state candidate, the more likely the candidate. (Speed between 2 events)
Presentation Outline • Introduction • The Goal • System Model • Data collection and Processing • Tracking Framework and Algorithms • Empirical Results and Evaluation • Conclusion
Privacy Metrics • Traceability metrics • Uncertainty metrics • Traceability-Uncertainty metrics • Clustering metrics
Tracking with Improved PCA in multiple user • PCA with radio silence randomized over a larger time interval • PCA with longer radio silence • PCA with radio silence until movement detected. Speed matching Common sniffing stations
Conclusion • Even simple tracking strategies achieve high traceability success in real settings. • Pseudonym change reduces the tracking success of the adversary and has an impact on network performance. • A decrease in number of adversary sniffing stations results in lower traceability. • Find a generic adversary model weaker than Dolev-Yao model but stronger than localized and stationary eavesdropper.
Thank You! Questions?