Poster: Can You Find Me?: Linking Devices Despite Wi-Fi MAC Randomization at MobiCom 2023

Federico Cifuentes-Urtubey; Robin Kravets

doi:10.1145/3636534.3697454

Poster: Can You Find Me?: Linking Devices Despite Wi-Fi MAC Randomization at MobiCom 2023

Federico Cifuentes-Urtubey, Robin Kravets

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

We present results for exposing vulnerabilities in MAC address randomization using Wi-Fi network discovery traffic collected at MobiCom 2023. By analyzing probe request sequence numbers and vendor-specific information elements, we successfully link randomized MAC addresses, reducing the observed MAC addresses to linked groups by over 45%. This demonstrates current MAC randomization protocols inadequately protect device privacy during network discovery.

Original language	English (US)
Title of host publication	ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking
Publisher	Association for Computing Machinery
Pages	1668-1670
Number of pages	3
ISBN (Electronic)	9798400704895
DOIs	https://doi.org/10.1145/3636534.3697454
State	Published - Dec 4 2024
Event	30th International Conference on Mobile Computing and Networking, ACM MobiCom 2024 - Washington, United States Duration: Nov 18 2024 → Nov 22 2024

Publication series

Name	ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking

Conference

Conference	30th International Conference on Mobile Computing and Networking, ACM MobiCom 2024
Country/Territory	United States
City	Washington
Period	11/18/24 → 11/22/24

Keywords

MAC address randomization
Wi-Fi
privacy
probe requests

ASJC Scopus subject areas

Computer Networks and Communications
Hardware and Architecture
Software

Online availability

10.1145/3636534.3697454

Library availability

Discover UIUC Full Text

Cite this

Cifuentes-Urtubey, F., & Kravets, R. (2024). Poster: Can You Find Me?: Linking Devices Despite Wi-Fi MAC Randomization at MobiCom 2023. In ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking (pp. 1668-1670). (ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking). Association for Computing Machinery. https://doi.org/10.1145/3636534.3697454

Poster: Can You Find Me?: Linking Devices Despite Wi-Fi MAC Randomization at MobiCom 2023. / Cifuentes-Urtubey, Federico; Kravets, Robin.
ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking. Association for Computing Machinery, 2024. p. 1668-1670 (ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Cifuentes-Urtubey, F & Kravets, R 2024, Poster: Can You Find Me?: Linking Devices Despite Wi-Fi MAC Randomization at MobiCom 2023. in ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking. ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking, Association for Computing Machinery, pp. 1668-1670, 30th International Conference on Mobile Computing and Networking, ACM MobiCom 2024, Washington, United States, 11/18/24. https://doi.org/10.1145/3636534.3697454

Cifuentes-Urtubey F, Kravets R. Poster: Can You Find Me?: Linking Devices Despite Wi-Fi MAC Randomization at MobiCom 2023. In ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking. Association for Computing Machinery. 2024. p. 1668-1670. (ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking). doi: 10.1145/3636534.3697454

Cifuentes-Urtubey, Federico ; Kravets, Robin. / Poster : Can You Find Me?: Linking Devices Despite Wi-Fi MAC Randomization at MobiCom 2023. ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking. Association for Computing Machinery, 2024. pp. 1668-1670 (ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking).

@inproceedings{32365f4b9aef4c25808ff54f8500b736,

title = "Poster: Can You Find Me?: Linking Devices Despite Wi-Fi MAC Randomization at MobiCom 2023",

abstract = "We present results for exposing vulnerabilities in MAC address randomization using Wi-Fi network discovery traffic collected at MobiCom 2023. By analyzing probe request sequence numbers and vendor-specific information elements, we successfully link randomized MAC addresses, reducing the observed MAC addresses to linked groups by over 45%. This demonstrates current MAC randomization protocols inadequately protect device privacy during network discovery.",

keywords = "MAC address randomization, Wi-Fi, privacy, probe requests",

author = "Federico Cifuentes-Urtubey and Robin Kravets",

note = "Publisher Copyright: {\textcopyright} 2024 Copyright held by the owner/author(s).; 30th International Conference on Mobile Computing and Networking, ACM MobiCom 2024 ; Conference date: 18-11-2024 Through 22-11-2024",

year = "2024",

month = dec,

day = "4",

doi = "10.1145/3636534.3697454",

language = "English (US)",

series = "ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking",

publisher = "Association for Computing Machinery",

pages = "1668--1670",

booktitle = "ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking",

address = "United States",

}

TY - GEN

T1 - Poster

T2 - 30th International Conference on Mobile Computing and Networking, ACM MobiCom 2024

AU - Cifuentes-Urtubey, Federico

AU - Kravets, Robin

PY - 2024/12/4

Y1 - 2024/12/4

N2 - We present results for exposing vulnerabilities in MAC address randomization using Wi-Fi network discovery traffic collected at MobiCom 2023. By analyzing probe request sequence numbers and vendor-specific information elements, we successfully link randomized MAC addresses, reducing the observed MAC addresses to linked groups by over 45%. This demonstrates current MAC randomization protocols inadequately protect device privacy during network discovery.

AB - We present results for exposing vulnerabilities in MAC address randomization using Wi-Fi network discovery traffic collected at MobiCom 2023. By analyzing probe request sequence numbers and vendor-specific information elements, we successfully link randomized MAC addresses, reducing the observed MAC addresses to linked groups by over 45%. This demonstrates current MAC randomization protocols inadequately protect device privacy during network discovery.

KW - MAC address randomization

KW - Wi-Fi

KW - privacy

KW - probe requests

UR - http://www.scopus.com/inward/record.url?scp=105002567001&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=105002567001&partnerID=8YFLogxK

U2 - 10.1145/3636534.3697454

DO - 10.1145/3636534.3697454

M3 - Conference contribution

AN - SCOPUS:105002567001

T3 - ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking

SP - 1668

EP - 1670

BT - ACM MobiCom 2024 - Proceedings of the 30th International Conference on Mobile Computing and Networking

PB - Association for Computing Machinery

Y2 - 18 November 2024 through 22 November 2024

ER -

Poster: Can You Find Me?: Linking Devices Despite Wi-Fi MAC Randomization at MobiCom 2023

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this