Clock skew based remote device fingerprinting demystified
作者: Fabian Lanze , Andriy Panchenko , Benjamin Braatz , Andreas Zinnen
DOI: 10.1109/GLOCOM.2012.6503213
关键词:
摘要: Commonly used identifiers for IEEE 802.11 access points (APs), such as network name (SSID), MAC, or IP address can be easily spoofed. This allows an attacker to fake a real AP and intercept, collect, alter (potentially even encrypted) data. In this paper, we the aforementioned problem by studying limits of unique remote physical device identification based on their clock skew—an unavoidable phenomenon that causes clocks run at marginal but measurably different speed. To end, propose algorithm passive fingerprinting using timestamps regularly sent APs in beacon frames. The major advantages our method are it is online able eliminate influence skew measurement device. Hence, fingerprints performed devices become comparable. We calculate precision provide termination criterion estimation with arbitrary precision. Moreover, conducting large scale evaluation, study stability uniqueness means wireless identification.
sci-hub.se 参考文章(17)
Michel Barbeau, Jeyanthi Hall, Evangelos Kranakis, Enhancing intrusion detection in wireless networks using radio frequency fingerprinting. communications, internet, and information technology. pp. 201- 206 ,(2004)
Michel Barbeau, Jeyanthi Hall, Evangelos Kranakis, DETECTION OF TRANSIENT IN RADIO FREQUENCY FINGERPRINTING USING SIGNAL PHASE ,(2003)
B. Sieka, Active fingerprinting of 802.11 devices by timing analysis consumer communications and networking conference. ,vol. 1, pp. 15- 19 ,(2006) , 10.1109/CCNC.2006.1592979
David L. Mills, Network Time Protocol (Version 3) Specification, Implementation and Analysis RFC. ,vol. 1305, pp. 1- 109 ,(1992)
D. Shaw, W. Kinsner, Multifractal modelling of radio transmitter transients for classification ieee wescanex communications power and computing. pp. 306- 312 ,(1997) , 10.1109/WESCAN.1997.627159
Steven J. Murdoch, Hot or not: Revealing hidden services by their clock skew Proceedings of the 13th ACM conference on Computer and communications security - CCS '06. pp. 27- 36 ,(2006) , 10.1145/1180405.1180410
S.B. Moon, P. Skelly, D. Towsley, Estimation and removal of clock skew from network delay measurements international conference on computer communications. ,vol. 1, pp. 227- 234 ,(1999) , 10.1109/INFCOM.1999.749287
O. Ureten, N. Serinken, Detection of radio transmitter turn-on transients Electronics Letters. ,vol. 35, pp. 1996- 1997 ,(1999) , 10.1049/EL:19991369
Ke Gao, Cherita Corbett, Raheem Beyah, A passive approach to wireless device fingerprinting dependable systems and networks. pp. 383- 392 ,(2010) , 10.1109/DSN.2010.5544294
T. Kohno, A. Broido, K.C. Claffy, Remote physical device fingerprinting IEEE Transactions on Dependable and Secure Computing. ,vol. 2, pp. 93- 108 ,(2005) , 10.1109/TDSC.2005.26