Table of Contents

  • Background Knowledge
  • Related Works
  • Ideas
  • WiFi Protocols and Channels

  • 802.11b/g/n/ax: 2.4G, 11+3 channels
  • 802.11a/n/ac/ax: 5G, only {36, 40, 44, 48, 52*, 56*, 60*, 64*, 149, 153, 157, 161, 165} are allowed in China
  • Co-channel Interference (CCI) and Adjacent Channel Interference (ACI)

  • CCI: multiple devices use the same channel. CSMA/CA is used in this case.
  • ACI: multiple devices use slighly overlapping channels, causing them treat each other as noise.
  • For 802.11b, {1, 6, 11} is the most common set of non-overlapping channels.
  • Security

  • WPS PIN is not secure. It can be cracked within one day.
  • WPA and TKIP are not considered secure, but still often enabled for compatibility.
  • Adjacent Channel Interference in Dual-radio 802.11a Nodes and Its Impact on Multi-hop Networking

    IEEE Globecom 2006, Harvard University

    ...Although these nodes use chipsets that satisfy the transmit-mask requirements set by the IEEE 802.11 standard, the multi-hop performance is still significantly affected by ACI. That is, a node’s transmitter can interfere with its own receiver on a different channel; as a result, multi-hop throughput is severely degraded.

    ...We demonstrate that this interference can lead to two-fold or worse performance degradation in data transfer. The performance degradation is particularly significant for an important scenario where the signal-to-noise ratio (SNR) of the receiving channel is at the lower end of the low-loss region.

    Adjacent Channel Interference in 802.11a: Modeling and Testbed Validation

    IEEE Radio and Wireless Symposium 2008, University of Crete

    ...Our results indicate that equipping a single node with multiple interfaces requires careful channel allocation and physical antenna separation, since throughput can be severely degraded.

    ...The results in this paper verify this analytical tool can provide initial insight on the adjacent channel interference effects at the design phase of long-distance wireless links, prior to their deployment without requiring time consuming experiments or installations.

    Characterizing Interference in a Campus WiFi Network via Mobile Crowd Sensing

    International Conference on Collaborative Computing 2015, Huazhong University of Science and Technology

  • Geographical AP density distribution
  • WiFi Channel Usage
  • Indoor vs. Outdoors
  • Private vs. Public
  • A Walk on the Client Side: Monitoring Enterprise Wifi Networks Using Smartphone Channel Scans

    IEEE INFOCOM 2016, Universty at Buffalo and University of Notre Dame

    The main idea of this paper is that smartphone WiFi scan can provide infomation that cannot be gathered only by AP-based methods, thus enterprises can ustilize it to provide better WiFi service. It presents two cases to support the idea.

    Spectrum Management: suffered from hidden client problem, AP-based methods cannot accuratly build the complete conflict graph, which also cause suboptimal channel assignments.

    Spatial Planning: by recording APs providing better signals and the second candidate when a user performing a connection, we can find APs that can be relatively safe removed or repositioned.

    Finally they also discussed the user privacy and incentive issues.


  • Basic statistics: distribution of signal strength, distance, channels, etc.
  • Channel: CCI and ACI. Illegal usage of 5G wifi channels.
  • BSSID: usually it's MAC, we can determine the manufacturer from it.
  • Distance: relation between signal strength and distance?
  • Other ideas

  • Security: we can try the top 1000 popular passwords
  • try to connect unencrypted WiFi and analyze the authentication page
  • determine if phone or router? (by ssid and manufacturer)
  • utilize more lower-level infomation to infer number of users (by CSMA)