Thwarting Wi-Fi Side-Channel Analysis through Traffic Demultiplexing

Side-channel information leaks have been reported in various online applications, especially, in wireless local area networks (WLANs) due to the shared-medium nature of wireless links and the ease of eavesdropping. Even when Wi-Fi traffic is encrypted, its characteristics are identifiable, which can be used to infer sensitive user activities and data. Existing countermeasures do not offer effective and efficient protection: packet padding and traffic morphing often bring in substantial communication overheads; attempts to anonymize user identifiers are vulnerable to the analysis based upon traffic statistics. In this paper, we present a new technique, called traffic demultiplexing, which offers effective protection against Wi-Fi traffic analysis without incurring noticeable overhead and performance degradation. Our approach utilizes Media Access Control (MAC) layer virtualization and packet scheduling over multiple virtual MAC interfaces to shape the traffic on each virtual MAC interface, so as to hide the original traffic characteristics. Traffic demultiplexing operates at the MAC layer and is transparent to users and other protocol stacks. We implemented our technique over Multiband Atheros Driver for Wi-Fi (MadWifi) and evaluated it in real WLAN environments. Our experimental study demonstrates that traffic demultiplexing is effective and efficient in defending against traffic analysis attacks and easy to deploy.