Thesis Defense - McCoy

Wireless devices have become ubiquitous in the daily lives of most people, and thus magnify their potential to harm users' privacy. The main goal of this dissertation is to identify and quantify privacy vulnerabilities in common mobile wireless devices and present practical methods to mitigate them. In this dissertation a holistic approach to achieve the goal of improving wireless privacy is taken, not focusing on a single layer, but focusing on the two key substrate layers, the link-layer and the physical-layer, and their interactions. In order to make this problem more concrete this investigation focus on 802.11, which is the dominant short range wireless protocol. However, the solutions are general enough to be applied to most wireless networks.

To understand the nature and different types of privacy threats, a detailed measurement of link-layer and physical-layer behavior of wireless devices is conducted. Using these measurements, it is demonstrated that wireless device drivers can be fingerprinted quickly and accurately using link-layer information, and that messages can be correlated back to their transmitting device using physical-layer information, even if there are no identifiers present at the link-layer. In response to these threats, first the design and build a prototype implementation of a wireless protocol that encrypts all bits transmitted at the link-layer is presented. Second, this work presents techniques to mitigating physical layer-privacy threats and quantify their effectiveness. Finally, it presents and evaluates methods to facilitate the establishment of trust in wireless protocols without requiring an out-of-band exchange of information. The key contribution of this dissertation is to present a framework of practical and generalized solutions that improve wireless privacy as a whole, and that can be applied to current and future wireless protocols.