Back to articles
Volume: 33 | Article ID: art00015
AiroIdent – User identification based on analyzing WPA2 encrypted traffic containing search engine interactions
  DOI :  10.2352/ISSN.2470-1173.2021.4.MWSF-344  Published OnlineJanuary 2021

Most search engines provide search suggestions and autocompletion mechanisms based on the partially typed search string. In order to implement such functionality, frequent requests are being sent to the search engine provider. Recent publications show that there is a risk that the user can be identified by observing the TLS encrypted traffic and analyzing the unencrypted meta data. In this paper we extend this approach to the observation of widely used encrypted WiFi networks in order to estimate the potential privacy impact. Without having access to Layer 3 and 4 meta data, the main challenge of this approach is the identification of potential requests being sent to the search engine. We use a linear regression-based approach to identify candidate packet sequences for the feature extraction. The evaluation is done in an optimal environment (reduced WiFi-traffic) to determine a first tendency and performed using three search engines. In total four different user identification/verification approaches are utilized: M1 identification using a neural network, M2 identification using Manhattan distance, M3 identification using Euclidean distance and M4 verification using a one-class support vector machine (SVM). Our results show a classification performance for 10 different test subjects is ranging from 13.2% using the one-class SVM (M4) to 64.1% using the neural network (M1) for the identical search engine. In comparison to a group of five test subjects it can be seen that M1 provides more scalability in comparison to M2, M3 and M4. In addition to that, we present potential countermeasures which could help to increase the privacy of the users of a search engine.

Subject Areas :
Views 45
Downloads 13
 articleview.views 45
 articleview.downloads 13
  Cite this article 

Mario Hildebrandt, Aamir Shakir, Alexander Ziemke, Mohamed Abdelrazek, Hannes Stuetzer, Dominik Blut, Kevin Lamshoeft, Salatiel Ezennaya-Gomez, Christian Kraetzer, Jana Dittmann, "AiroIdent – User identification based on analyzing WPA2 encrypted traffic containing search engine interactionsin Proc. IS&T Int’l. Symp. on Electronic Imaging: Media Watermarking, Security, and Forensics,  2021,  pp 344-1 - 344-8,

 Copy citation
  Copyright statement 
Copyright © Society for Imaging Science and Technology 2021
Electronic Imaging
Society for Imaging Science and Technology
7003 Kilworth Lane, Springfield, VA 22151 USA