Security

U Arizona Engineers Intend To Tighten Wi-Fi

• By Dian Schaffhauser
• 11/10/14

A University of Arizona research project hopes to figure out how to stop the eavesdropping that can take place in wireless transmissions. Researchers Marwan Krunz and Loukas Lazos recently received $660,000 from the National Science Foundation for reducing "information leakage" through a number of approaches. Krunz is a professor and Lazos an associate professor in the Department of Electrical and Computer Engineering.

The problem of leakage is a critical aspect of wireless communications. With a bit of know-how and specialized equipment unauthorized people can virtually drop in on over-the-air transmissions and breach the privacy of others by tracking certain types of information.

Eavesdroppers may be hackers intent on stealing information; but they may also be corporate networks, government agencies and phone makers installing encryption software that can't be tracked by law enforcement.

Even encryption can't prevent intruders from accessing the content or parts of the data packet header. Using commercially available radio hardware, they can intercept transmissions and capture attributes, such as packet size, duration and radio frequency. Those elements can be analyzed and correlated to identify a user's transmission "signature," the pattern that the user follows in online activities, such as typical Web sites, their associations and preferences. That information can be used to capture and steal personal information.

"Transmission signatures present a huge threat to security in wireless communications," said Krunz. "In five seconds of eavesdropping on encrypted Wi-Fi traffic, eavesdroppers can achieve 80 percent accuracy in guessing what Web sites users are visiting and which applications they are running."

The four-year U Arizona research project will have broad objectives: to test "novel physical-layer obfuscation techniques" to make data packets and their headers "undecodable," and to investigate "colluding eavesdroppers" who monitor and mine wireless transmissions over long periods.

The researchers are developing "friendly jamming" methods to inject artificial noise into wireless transmissions and "beamforming," enabling a device to pinpoint precisely where its signal can be received.

"This is a very new area of study," Krunz said. "We really don't fully understand the kind and extent of harm that is possible through leakage of transmission signatures."

Until users have access to privacy-preserving technologies, such as those under development by the team, Krunz offers advice for maintaining security: Create long passwords that are hard to guess and change them often. Use virtual private networks, which aren't failsafe but are better than nothing. And when using a wireless device in a public place, where most eavesdropping occurs, think twice about what you do and what you post online.