IoT Privacy, Device Fingerprinting, Eavesdropping, Traffic Analysis Countermeasure; Traffic shaping


WiFi networks are susceptible to statistical traffic analysis attacks. Despite encryption, the metadata of encrypted traffic, such as packet inter-arrival time and size, remains visible. This visibility allows potential eavesdroppers to infer private information in the Internet of Things (IoT) environment. For example, it allows for the identification of sleep monitors and the inference of whether a user is awake or asleep.

WiFi eavesdropping theoretically enables the identification of IoT devices without the need to join the victim's network. This attack scenario is more realistic and much harder to defend against, thus posing a real threat to user privacy. However, researchers have not thoroughly investigated this type of attack due to the noisy nature of wireless channels and the relatively low accuracy of WiFi sniffers.

Furthermore, many countermeasures proposed in the literature are inefficient in addressing side-channel leakage in WiFi networks. They often burden internet traffic with high data overhead and disrupt the user experience by introducing deliberate delays in packet transmission.

This dissertation investigates privacy leakage resulting from WiFi eavesdropping and proposes efficient defensive techniques. We begin by assessing the practical feasibility of IoT device identification in WiFi networks. We demonstrate how an eavesdropper can fingerprint IoT devices by passively monitoring the wireless channel without joining the network. After exploring this privacy attack, we introduce a traffic spoofing-based defense within the WiFi channel to protect against such threats. Additionally, we propose a more data-efficient obfuscation technique to counter traffic analytics based on packet size without adding unnecessary noise to the traffic.

Completion Date




Committee Chair

Solihin, Yan


Doctor of Philosophy (Ph.D.)


College of Engineering and Computer Science


Computer Science

Degree Program

Computer Science






In copyright

Release Date

May 2024

Length of Campus-only Access


Access Status

Doctoral Dissertation (Open Access)

Campus Location

Orlando (Main) Campus

Accessibility Status

Meets minimum standards for ETDs/HUTs