Keywords
IoT Device Fingerprinting, Time-Series Analysis, Privacy Issues, Packet Length Analysis, Network Eavesdropping, Access Point Monitoring
Abstract
Abstract—This dissertation investigates the privacy implications of WiFi communication in Internet-of-Things (IoT) environments, focusing on the threat posed by out-of-network observers. Recent research has shown that in-network observers can glean information about IoT devices, user identities, and activities. However, the potential for information inference by out-of-network observers, who do not have WiFi network access, has not been thoroughly examined. The first study provides a detailed summary dataset, utilizing Random Forest for data summary classification. This study highlights the significant privacy threat to WiFi networks and IoT applications from out-of-network observers. Building on this investigation, the second study extends the research by utilizing a new set of time series monitored WiFi data frames and advanced machine learning algorithms, specifically xGboost, for Time Series classification. This extension achieved high accuracy of up to 94\% in identifying IoT devices and their working status, demonstrating faster IoT device profiling while maintaining classification accuracy. Furthermore, the study underscores the ease with which outside intruders can harm IoT devices without joining a WiFi network, launching attacks quickly and leaving no detectable footprints. Additionally, the dissertation presents a comprehensive survey of recent advancements in machine-learning-driven encrypted traffic analysis and classification. Given the challenges posed by encryption for traditional packet and traffic inspection, understanding and classifying encrypted traffic are crucial. The survey provides insights into utilizing machine learning for encrypted network traffic analysis and classification, reviewing state-of-the-art techniques and methodologies. This survey serves as a valuable resource for network administrators, cybersecurity professionals, and policy enforcement entities, offering insights into current practices and future directions in encrypted traffic analysis and classification.
Completion Date
2024
Semester
Summer
Committee Chair
Changchun Zou
Degree
Doctor of Philosophy (Ph.D.)
College
College of Engineering and Computer Science
Department
Computer Science
Format
application/pdf
Identifier
DP0028590
URL
https://purls.library.ucf.edu/go/DP0028590
Language
English
Rights
In copyright
Release Date
August 2024
Length of Campus-only Access
None
Access Status
Doctoral Dissertation (Open Access)
Campus Location
Orlando (Main) Campus
STARS Citation
Alwhbi, Ibrahim A., "Eavesdropping-Driven Profiling Attacks on Encrypted WiFi Networks: Unveiling Vulnerabilities in IoT Device Security" (2024). Graduate Thesis and Dissertation 2023-2024. 387.
https://stars.library.ucf.edu/etd2023/387
Accessibility Status
Meets minimum standards for ETDs/HUTs