Improving Identity Protection over Wireless Networks Through Protocol Specifications
Uloženo v:
| Vydáno v: | ProQuest Dissertations and Theses (2025) |
|---|---|
| Hlavní autor: | |
| Vydáno: |
ProQuest Dissertations & Theses
|
| Témata: | |
| On-line přístup: | Citation/Abstract Full Text - PDF |
| Tagy: |
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
| Abstrakt: | Mobile devices, now numbered in the billions, constantly communicate over wireless networking protocols to facilitate human communication. Our reliance on this technology has led to complex user identities, namely that dozens of digital identifiers are now linked to a single individual. While many such identifiers such as a phone number or an email address are known to the user, many more are used transparently by personal devices in networks we rely on to communicate with each other or other devices we own.Wireless network protocols (e.g., Bluetooth, cellular protocols) use these transparent identifiers to function properly with minimal user involvement. They achieve this by providing network tasks found “underneath the application layer,” or beneath the logical layer at which application-specific data is specified and handled. Consequently, application developers and end users often have little or no access to configure or monitor communication at these layers. Unfortunately, adversaries can take advantage of this abstraction to track users and, in some cases, gain access to their resources without their consent or knowledge.Due to the maturity, popularity, and interoperability of pervasive wireless networking protocols, they cannot be fundamentally changed in response to the public disclosure of a vulnerability. Known threats taking advantage of design flaws within their specifications, therefore, can persist even after they are disclosed to the relevant party. Nevertheless, defensive measures can limit the efficacy of adversarial tracking efforts on devices implementing these protocols, and therefore their users.In this dissertation, we explore how the relationship between a manual review of written protocol specifications and other factors such as measurement on real wireless networks and an inevitably evolving threat model can be used to mitigate persistent privacy threats against users of wireless networks. Specifically, we will discuss our techniques in developing attacks and defenses against Bluetooth networks, as well as uncovering evidence of rogue cellular base station usage in the wild, the latter substantiated by statistical analysis for the first time in academia. Finally, we review our work in providing the first analysis of a commercial rogue base station in academia. |
|---|---|
| ISBN: | 9798297610781 |
| Zdroj: | ProQuest Dissertations & Theses Global |