Privacy Leaks from Wi-Fi Probing


In a modern era where smartphone use has exponentially increased, we investigate the amount of private information an adversary can extract by looking at the active service discover in Wifi where a wireless station broadcasts the list of its preferred wireless networks, without user’s consent or knowledge. This report describes a range of different techniques which violate users’ privacy by using Wi-Fi fingerprints emitted from devices. One of the main points of the report include the relationship discovery that was first implemented by Cunche, et al and explains how to infer relationships between users through their SSIDs sets. Other attacks can be mounted that will reveal not only a social link between users but the actual path that a device follows in real time.

Wi-Fi Probing Diagram

Figure 1.0 – Wireshark was used to capture the probing requests that include MAC addresses and SSIDs in plain text.

During the last decade the number of portable Wi-Fi devices such as smartphones, tablets, and notebooks have increased dramatically. Nowadays, the majority of users constantly carry their mobile devices with them not only at workplace but also at home. For this reasons, it has become the most preferable way to provide internet access for medium range connectivity.In this regard many recent scientific papers have investigated how much information can be obtained from user interaction with a Wi-Fi network. Particularly observing the fields that are transmitted in plaintext such as probe requests In order to connect to the network a mobile phone is sending the probes requests that contain the SSID name of previously associated networks. This mode is called Active Discovery Mode (ADM). Wi-Fi supports encryption and authentication standards (e.g. WPA2) to ensure that the transmitted data between a client and an Access Point are safe from eavesdroppers.

However, before we reach the phase of credentials exchanging there is the phase of Network Discovery where a Wi-Fi enabled client discovers and contacts the AP for the first time. In this phase there are several messages exchanged between the two parties (e.g. network discovery probe requests) that are transmitted necessarily in plaintext. These packets (also called frames) include in their headers, among others, the Media Access Control (MAC) address of the Wi-Fi enabled device. This address serves as a unique identifier for the said device. Based on this two features: unique identifier MAC and probes it seems feasible to identify users with a high probability.This fact enables the identification of a user by its device’s MAC address. Practically, the device serves as an interface to reach the user behind and the MAC address of the device becomes as a nickname of the user.

As a result, the user becomes vulnerable to what we would call fingerprinting attacks. Fingerprinting is called “the process by which a device, it’s driver or the OS a machine is running can be uniquely identified by its externally observable characteristics”. Therefore an adversary can extract information about someone previous history location or even track him down in small proximity.

The reports outlines the most important attacks including the following :

  1. Infer Social Link
    1. Location proximity
    2. Spatio-temporal co-occurrence probability
  2. Wi-Fi Tracking 
    1. Stalker Attack
    2. Beacon Replay Attack
  3. Estimating Smartphone Trajectories

* If you would like to read the full report please click here : Privacy Leaks from Wi-Fi Probing

For this project the following information security students contributed :

  • Pejman Najafi
  • Andreas Georgiou
  • Dina Shachneva
  • Ioannis Vlavianos


Are TV ratings possible with Twitter? – tweetTV

This project explains the creation and the use of tweetTV, a system that collects and analyses tweets from the micro blogging site Twitter, with the aim of comparing them with TV ratings in order to identify meaningful relationships.

tweetTV v1.2 Screenshot
tweetTV Software v1.2 Screenshot

Using tweetTV, Twitter text messages were collected, processed and then classified, by applying some data mining techniques. By isolating tweets that referred to three specific popular TV shows, a significant number of tweets was analysed and compared with TV ratings available from the British Audience Research Board (BARB). Furthermore, sentiment analysis was implemented to investigate the temporal variability of positive, negative and informational tweets in conjunction with TV ratings and whether the awareness of tweet’s attitude could enhance the accuracy of the system.

The running of tweetTV was successful in collecting sufficient amount of tweets to carry out the analyses required, which included qualitative and quantitative comparisons. A strong correlation was found between the number of tweets and the number of viewers, confirming the existence of a link between the two values that could be promising in accurately estimating TV ratings by only using Twitter. The small numbers of tweets collected for one show revealed a potential limitation of linking Twitter to some types of TV shows with relative explanations being discussed. The use of sentiment analysis also proved to be useful in identifying trends related to TV shows such as a periodicity of positive tweets during the days prior to the show. This suggested that sentiment analysis
could be used to improve the accuracy of tweetTV by weighting people’s opinions before the shows and projecting estimations.

Overall, the performance of tweetTV was successful in collecting and filtering tweets and in conjunction with sentiment analysis; it has the potential to work as a real-time application that will provide TV ratings.

Click here to read my full thesis: “Are TV ratings possible with Twitter? (2013)”



UoB Hellenic Society Project


 Domain :

Launched : January 2013

Description :

University of Bristol Hellenic Society is a Greek & Cypriot community of students in Bristol. The website was developed to provide a portal for communucationg and sharing the news and events of our society. Among our priorities was to boost the number of memberships through the creation of a facebook page.

Technical Details :

  • Platform : Wordpress 3.2

 Other Features : Project Screenshot

Domain :

Launched : September 2007

Description :

An online portal designed to bring together all Cypriot Paintball Players both amateur and professional. It served for three year as a guide for paintball lovers providing latest news about local and international tournaments and events. Additional services like “Field Finder”, Forums and Marker Reviews and Interviews were launched to attract more people in Cyprus Paintball society. Finally in 2010 the project came to an end, we stopped updating the site and agreed to keep the site as an archive of interviews, articles and videos.

Technical Details :

  • Platform : Joomla 1.5

Alphasphere iOS

App Description :

The AlphaSphere IOS app uses an edit function to take sounds and loops from the iPhone’s memory and map them to one of the AlphaSphere’s 48 pads. These loops can also be edited to change the play style, volume, pan and channel selection. The project can be saved into memory and loaded again at another time to edit.



On the left the iOS Application developed during the project and on the right the 
AlphaLive v.0.1, software developed by “nu design”.

As a standalone application the app uses a play function which is laid out similarly to the edit functionality. The onscreen pads can then be used to emulate those of the AlphaSphere, allowing the user to test their projects without needing access to the AlphaSphere hardware. This means that musicians can test, practise and compose music from any of their AlphaSphere projects on their IOS device

Alphasphere :

The AlphaSphere is a revolutionary electronic musical instrument that utilises computer software and the AlphaSphere hardware to allow the user to create and perform digital music in a visually stimulating way. The AlphaSphere is revolutionary in the way live music is presented to an audience or crowd due to the aesthetics of the instrument. A connection is established between hardware and software via an Ethernet cable so that instructions can be sent between them. The AlphaSphere itself is a haptic interface consists of 48 tactile pads that stretch and flex as they alter the dynamic, timbre or another parameter of the sounds played. The responsiveness and range of the interaction with the pads means performers can tailor their every musical requirement to their exact specification, producing a tangible sensation for performer and audience alike.

Alphasphere iOS App :

The AlphaSphere IOS app uses an edit function to take sounds and loops from the iPhone’s memory and map them to one of the AlphaSphere’s 48 pads. These loops can also be edited to change the play style, volume, pan and channel selection. The project can be saved into memory and loaded again at another time to edit.

The AlphaSphere app is designed to work as either a standalone application or alongside the AlphaSphere and while much of the functionality is the same there are some differences in the way that app works when receiving signals from the AlphaSphere.

Nu desine also requested the app to be capable of receiving an Open Sound Control (OSC) message over the network. It was specified that messages would be sent from the AlphaSphere to the IOS device and the message format would be constant (and as follows);

The app is also able to stream in and decode these messages, using the two integer values in real time.

Project Report : Click here to read the full report (pdf version)

Team Members :

  • Thomas Butterworth
  • Li Du
  • Andreas Georgiou
  • Andrew Haslam
  • Robert Jones
  • Vlad Otrocol