Machine Learning
WiNTECH '06 Proceedings of the 1st international workshop on Wireless network testbeds, experimental evaluation & characterization
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Passive data link layer 802.11 wireless device driver fingerprinting
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Attacks on public WLAN-based positioning systems
Proceedings of the 7th international conference on Mobile systems, applications, and services
Transient-based identification of wireless sensor nodes
IPSN '09 Proceedings of the 2009 International Conference on Information Processing in Sensor Networks
honeyM: a framework for implementing virtual honeyclients for mobile devices
Proceedings of the third ACM conference on Wireless network security
On the reliability of wireless fingerprinting using clock skews
Proceedings of the third ACM conference on Wireless network security
Refocusing in 802.11 wireless measurement
PAM'08 Proceedings of the 9th international conference on Passive and active network measurement
Experience with heterogenous clock-skew based device fingerprinting
Proceedings of the 2012 Workshop on Learning from Authoritative Security Experiment Results
Privacy in mobile technology for personal healthcare
ACM Computing Surveys (CSUR)
On physical-layer identification of wireless devices
ACM Computing Surveys (CSUR)
ArrayTrack: a fine-grained indoor location system
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
Hi-index | 0.00 |
We propose a simple active method for discovering facts about the chipset, the firmware or the driver of an 802.11 wireless device by observing its responses (or lack thereof) to a series of crafted non-standard or malformed 802.11 frames. We demonstrate that such responses can differ significantly enough to distinguish between a number of popular chipsets and drivers. We expect to significantly expand the number of recognized device types through community contributions of signature data for the proposed open fingerprinting framework. Our method complements known fingerprinting approaches, and can be used to interrogate and spot devices that may be spoofing their MAC addresses in order to conceal their true architecture from other stations, such as a fake AP seeking to engage clients in complex protocol frame exchange (e.g., in order to exploit a driver vulnerability). In particular, it can be used to distinguish rogue APs from legitimate APs before association.