Abstract. Since the introduction of active discovery in Wi-Fi networks, users can be tracked via their probe requests. Although manufacturers typically try to conceal Media Access Control (MAC) addresses using MAC address randomisation, probe requests still contain Information Elements (IEs) that facilitate device identification. This paper introduces generic probe requests: By removing all unnecessary information from IEs, the requests become indistinguishable from one another, letting single devices disappear in the largest possible anonymity set. Conducting a comprehensive evaluation, we demonstrate that a large IE set contained within undirected probe requests does not necessarily imply fast connection establishment. Furthermore, we show that minimising IEs to nothing but Supported Rates would enable 82.55% of the devices to share the same anonymity set. Our contributions provide a significant advancement in the pursuit of robust privacy solutions for wireless networks, paving the way for more user anonymity and less surveillance in wireless communication ecosystems.
翻译:摘要:自Wi-Fi网络引入主动发现功能以来,用户可经由其探测请求被追踪。尽管制造商通常尝试通过MAC地址随机化隐藏介质访问控制地址,但探测请求仍包含有助于设备识别的信息元素。本文提出通用探测请求:通过移除信息元素中所有非必要信息,使这些请求彼此无法区分,使单个设备隐没于最大可能的匿名集合中。通过全面评估,我们证明无定向探测请求中包含大量信息元素并不必然意味着快速连接建立。此外,我们表明将信息元素最小化至仅保留支持速率,可使82.55%的设备共享同一匿名集合。本研究为无线网络寻求稳健隐私保护方案提供了重要进展,为无线通信生态系统实现更高用户匿名性与更少监控铺平了道路。