WiFinger: Fingerprinting Noisy IoT Event Traffic Using Packet-level Sequence Matching
Ronghua Li
Network and Distributed System Security (NDSS) Symposium 2026 · Day 1 · Network Security
This talk presents **WiFinger**, a non-machine-learning approach to fingerprinting IoT device events from encrypted Wi-Fi traffic captured by a passive sniffer. Unlike prior work that targets transport/network layer traffic on wired connections, WiFinger operates at the **link layer** where traffic is substantially noisier -- suffering from **5-20% packet loss** and significant obfuscation from retransmissions, background noise, and WPA encryption. The system achieves an average precision of **96%** across 15 devices and 43 events using a novel **Fuzzy Matched Longest Common Subsequence (FM-LCS)** algorithm that handles missing packets and traffic interleaving without requiring large labeled datasets.
AI review
A refreshingly practical attack that fingerprints IoT events from passive Wi-Fi captures without any ML, achieving 96% precision even with 25% packet loss. The Fuzzy Matched LCS algorithm is elegant, the NP-hardness proof is solid, and the defense evaluation reveals that only traffic padding works -- shaping and delaying are useless. This is directly usable reconnaissance tradecraft for smart home surveillance.