WiFi-based IoT Devices Profiling Attack based on Eavesdropping of Encrypted WiFi Traffic

In this project, we investigate privacy leakage derived from an out-of-network traffic eavesdropper on the encrypted WiFi traffic of popular IoT devices. We instrumented a testbed of 12 popular IoT devices and evaluated multiple machine learning methods for fingerprinting and inferring what IoT devices exist in a WiFi network, even their working status. By only exploiting the WiFi frame header information, we have achieved 95% accuracy in identifying the devices and often their working status, with very high confidence to specific brands’ profile. This study demonstrates that information leakage and privacy attack is a real threat for WiFi network and IoT applications.