This code has been developed within the ANR MITIK project for research purposes. It is released under the license GNU General Public License v3.0 or later.

Please be advised that we do not intend to maintain this code. As such, while you are welcome to explore and utilize it for academic or research purposes, we cannot guarantee ongoing support or updates. Use of this code is at your own discretion, and we encourage you to exercise caution and discretion in its adaptation.

If you plan to use this code in your work, we kindly request that you cite the following paper:

  1. Fernando Molano Ortiz, Abhishek Kumar Mishra, F. D. de M. Silva, Nadjib Achir, Aline Carneiro Viana, et al. Collecte de traces WiFi publiques: de la protection de la vie privée à l'analyse de trajectoires. CoRes 2024 - 9èmes Rencontres Francophones sur la Conception de Protocoles, l'Évaluation de Performance et l'Expérimentation des Réseaux de Communication, May 2024, Saint-Briac-sur-Mer, France. pp.1-4. https://hal.science/hal-04568193

Introduction

The MITIK project proposes to carry out non-intrusive passive measurements to analyze the mobility of users through their contacts while they are moving. To do so, it uses probe request packets sent by off-the-shelf mobile devices with wireless communication (specifically Wi-Fi). To ensure GDPR compliance, a data anonymization/sanitization process is carried out as probe requests are received by the sniffers [4]. The system as a whole follows an architecture made up of three phases, as shown in Figure 1.

Figure 1. Functional architecture of Mitik project [4].

The Sniffing engine performs the raw data capture through wireless antennas. Data can be stored in pcap files or in a trace format defined for all captured packets. In addition, the data anonymization step applies security algorithms to the raw captured data to ensure the privacy of the sniffed users: cryptographic algorithms are used to hash and truncate the MAC addresses of the users' mobile devices. Some developments have been put forward in [1], [2], [5].
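The hash-and-truncate step described above can be sketched as follows. This is an added example, not code from the MITIK repository: the page does not say which hash, key handling or truncation length the project uses, so HMAC-SHA256, the 8-byte pseudonym, the demo key and all function names are assumptions. It also estimates how the truncation length affects the chance that two devices collapse into one pseudonym, which matters for the later trace analysis.

```python
import hashlib
import hmac
import math

# Assumptions for this example (not taken from the MITIK code):
# HMAC-SHA256 as the keyed hash and an 8-byte truncated pseudonym.
PSEUDONYM_BYTES = 8


def parse_mac(mac: str) -> bytes:
    """Parse 'aa:bb:cc:dd:ee:ff' or 'AA-BB-CC-DD-EE-FF' into 6 raw bytes."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return raw


def is_randomized(mac: str) -> bool:
    """True when the locally-administered bit is set, as in randomized probe-request MACs."""
    return bool(parse_mac(mac)[0] & 0x02)


def pseudonymize(mac: str, key: bytes, nbytes: int = PSEUDONYM_BYTES) -> str:
    """Keyed hash of the raw MAC bytes, truncated to nbytes, returned as hex."""
    digest = hmac.new(key, parse_mac(mac), hashlib.sha256).digest()
    return digest[:nbytes].hex()


def collision_probability(devices: int, nbytes: int = PSEUDONYM_BYTES) -> float:
    """Birthday-bound estimate that at least two distinct MACs share a pseudonym."""
    space = 2.0 ** (8 * nbytes)
    return -math.expm1(-devices * (devices - 1) / (2.0 * space))


if __name__ == "__main__":
    key = bytes.fromhex("00" * 31 + "01")  # constructed demo key; generate with os.urandom(32) in practice
    # Constructed sample addresses: same device in two notations, then a randomized one.
    for mac in ("3c:22:fb:12:34:56", "3C-22-FB-12-34-56", "da:a1:19:00:00:01"):
        kind = "randomized" if is_randomized(mac) else "global"
        print(mac, pseudonymize(mac, key), kind)
    for n in (3, 4, 8):
        p = collision_probability(100_000, n)
        print(f"{n}-byte pseudonym, 100000 devices: p(collision) ~ {p:.3g}")
```

Using a keyed hash rather than a plain one means the pseudonyms cannot be recomputed from candidate MAC addresses without the key, while the same device still maps to the same pseudonym across sniffers that share the key.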

The Trace handling engine, on the other hand, defines all the steps necessary for the data analysis: cleaning, formatting, handling of MAC correspondence, time synchronization between traces from the sniffers, and separation and concatenation of traces per antenna. Some developments have been put forward in [3].

Lastly, the Trace production engine covers the interpretation of the data captured and processed by the previous engines. The goal of this module is to take individual traces to compute and analyze mobility, and to explore different patterns and behaviors of human mobility.

Therefore, there is a need to integrate all the current developments into one unique Mitik code. A goal of the Mitik project is to develop an automated management system in order to reduce manual handling by the human manager.

MITIK management tool

This repository contains files and firmware that are used to manage the practical experiments of the MITIK project in La Rochelle.

Basically this tool enables the management of sniffers through a "sniffer manager".

Sniffer manager

See DOCUMENTATION.md for installation, setup and usage instructions.
See PLAYBOOKS.md for information about the available playbooks.

The sniffer manager comprises several functions:

  • Centralized management of multiple sniffers (time synchronization, raw data capture, data transfer, data processing, among others).

  • One-step, one-time configuration of passwordless ssh access.

  • One-step configuration of multiple sniffers on all levels: networking, software, GPS...

  • Configuration of parameters and execution of the source code of the MITIK-SENS project [1], [2].

  • Integration of functional blocks [4] developed for data capture / data anonymization/sanitization (Phase 1 - Per-technology sniffing engine) [1], handling of collected data (Phase 2 - Trace handling engine) [3], [5], [6], and analysis of human mobility (Phase 3 - Trace production engine), based on data collected from contacts of mobile devices detected by sniffers.

The immediate objective is to integrate these functional architectures to have a global functional vision of the solution, and add or make the necessary improvements.

Implementation

Currently, the sniffer manager is configured on a PC (MacBook Pro). We use our own Ansible-based tool to configure the sniffers with all the parameters required to manage the configured system. Ansible¹ enables the configuration process to be run remotely or locally. Ansible also has a configuration language that describes the desired state of items. As a result, Ansible allows for more efficient management, automating time-consuming tasks typically performed by users and minimizing errors. Figure 2 shows the proposed Ansible architecture to implement in the Mitik project.

Figure 2. Ansible architecture.

Instructions are defined in Ansible playbooks, which hold all the instructions for the sniffers' configuration. These instructions can cover diverse configuration levels, e.g., hardware, software, O.S., environment variables, among others. Some of the parameters needed to integrate all the current developments into one unique Mitik solution are described below. Currently, these parameters are in development.

Management

  • Ansible-based tool
  • Hardware configuration

Integration

  • Number of sniffers per super-sniffer (5)
  • Integrate Sniffers / Manager PC
  • Integrate source code from [1], [5]
  • Make pcap files available to start the next steps (Phase 2 - Trace handling engine)

Test and Deploy

  • Time synchronization
  • Interfaces configuration
  • Sync and positioning using GPS (coordinates lat, lon)
  • Timeout function in Scapy-sniffer
  • gzip compression
  • Data transfer to manager PC / Mitik server

Figure 3 shows the flowchart for configuring the per-technology sniffing engine. This module comprises three stages: raw capture, full anonymization and per-antenna data transfer.

Figure 3. Flowchart of Per-technology sniffing engine configuration.

Installation

Check the installation guide

References

[1] Fernando Dias de Mello Silva, Abhishek Kumar Mishra, Aline Carneiro Viana, Nadjib Achir, Anne Fladenmuller, and Luís Henrique M. K. Costa. Performance analysis of a privacy-preserving frame sniffer on a raspberry pi. In 6th Cyber Security in Networking Conference (CSNet), pages 1–7, October 2022.

[2] Loïc Jouans, Aline Carneiro Viana, Nadjib Achir, and Anne Fladenmuller. Associating the randomized bluetooth mac addresses of a device. In IEEE 18th Annual Consumer Communications & Networking Conference (CCNC), pages 1–6, 2021.

[3] Mohammad Imran Syed. Wi-Fi Trace Synchronization and Merging Python Tool. Technical report, Sorbonne Université LIP6, 2019.

[4] LRU SU, INRIA. Mitik: Mobility and contact traces from non-intrusive passive measurements - D2.1: Architectural design and instantiation. Technical report, ANR, 2022.

[5] Mohammad Imran Syed, Anne Fladenmuller, and Marcelo Dias De Amorim. Assessing the completeness of passive wi-fi traffic capture. In International Wireless Communications and Mobile Computing (IWCMC), pages 961–966, 2022.

[6] Mohammad Imran Syed, Anne Fladenmuller, and Marcelo Dias De Amorim. How much can sniffer redundancy improve wi-fi traffic? In IEEE 95th Vehicular Technology Conference: (VTC-Spring), pages 1–5, 2022.

  1. https://www.ansible.com/