llss, or Link Layer Secure Shuffle is a privacy and security tool designed to optimally function over a wireless ad-hoc network.

What is llss?

llss is a hardware address based MTD (Moving Target Defense). Unlike many other Moving Target Defense systems that are implemented at the application level. llss interacts directly with the link layer, updating host MAC addresses after sending packets.

llss is the result of a University of Illinois Wireless Networking (CS439) project during FA2020. CS439 is (at the time) taught by Robin Kravets.

For more information, visit https://courses.engr.illinois.edu/cs439/

Why does it matter?

A common goal of hackers is to establish a MITM, or Man In The Middle. This occurs when a malicious host places itself in between two legitimate hosts. One common vector (way for hackers to do this) is by abusing the Adress Resolution Protocol (ARP). ARP is the protocol that translates IP addresses ( to MAC hardware addresses (aa:bb:cc:11:22:33). It is also optimized for efficiency, so security was an afterthought. Malicious devices listen to an arp request (Who has , and forge a response with their MAC address (I have, send packets to de:ad:be:ef:13:37). At this point, the malicious device can see any packets meant for, making them inbetween the victim and the target! This is bad!

View the llss repository on GitHub

Read the llss Whitepaper Abstract

llss, Establishing an Ad-Hoc Wireless Privacy and MTD Tool - abstract.pdf

Watch a demonstration


Secure Shuffling

Using a shared secret key, both hosts know exactly where to send their next packets. Host A will send from Red to Blue, and B will reply from Blue to Green etc. From an outsiders perspective, every packet is going to a completely new computer!

Carousel imageCarousel image

Confidential, Difficult to Trace, Resistant to MITM Attacks

llss is designed to make filtering via wireshark and tcpdump difficult. This increases the time adversaries must take to gather any useful information about you communications.

Easy to use

llss comes complete with a wizard. Users can gain an understanding of it while still accessing its full potential. Once ready, full command-line arguments are available for use.