Location and host fingerprinting for user identification

Abstract

User identification can be approached in terms of location fingerprinting and host fingerprinting. Location Identification of wireless stations based on the characteristic of the radio communication can provide an additional layer of awareness and security in distributed networks. As the inherent characteristics of wireless radio communications, wireless stations can easily be localized and recognized. On the other hand, stations still can be recognized from network traces, even it has been anonymized. Traffic pattern and station profile can be utilized to identify the stations in real world. In the thesis, we study these two fingerprinting techniques and possible countermeasures extensively. Localization becomes critical in distributed wireless communication systems as appropriate location information will be leveraged as inputs of some of the major tasks or to eliminate the potential attacks such as replication attack. Location fingerprinting refers to techniques that match the fingerprint of some characteristic of the signal that is location dependent. The fingerprints of different locations are stored in a database and matched to measured fingerprints at the current location of an MS. We propose a simple centroid based classification model to effectively classify the packets sent from distinct location among all the packets received based on the aggregated signal strength vectors. The reason behind is that packets from users and spoofed users attached with different location fingerprints. If location distinction is detected then it indicates that replication attack takes place. It is natural that the deployment of access points is closely related with the effectiveness of localization using fingerprints. In wireless networks, the reference points are ubiquitous and usually deployed under coverage consideration only. We propose an Optimal Loc-deployment problem for both coverage and area localization in WLAN. The objective is to deploy a minimum number of APs that provide full communication coverage while achieving the ability to locate a mobile device within any desired accuracy parameter. We exploit the problem under two different deployment patterns and prove the existence of the optimal solutions. We propose a set of optimal solutions and approximations to the problem and provide numerical evaluations and real experiments to validate our proposed solutions. Results of the Optimal Loc-deployment problem can be directly applied to various applications and guide the process of deploying WiFi access points or sensors in an empty place to achieve both coverage and area localization. Another fingerprinting involved in the thesis is the fingerprinting of hosts with sensitive information anonymized in public traces. Host fingerprinting is able to reveal the real IP addresses based on modest amount of public information in prefix preserving traces. We propose a new technique that can be used to enhance any existing trace anonymization schemes against the host fingerprinting attacks. This new approach introduces randomness before trace is published so that the fingerprints extracted by the adversary are no longer accurate. We use real traces anonymized from a university to conduct experiments. The results show the new anonymization model provides a flexible mechanism allowing data publishers trade off utility and host protection.