Clock Skew Based Remote Device Fingerprinting Demystified

Commonly used identifiers for IEEE 802.11 Access Points (APs), such as network name (SSID), MAC, or IP address can be easily spoofed. This allows an attacker to fake a real AP and intercept, collect, or alter (potentially even encrypted) data. In this paper, the authors address the aforementioned problem by studying limits of unique remote physical device identification based on their clock skew - an unavoidable phenomenon that causes clocks to run at marginal but measurably different speed. To this end, they propose an algorithm for passive fingerprinting using timestamps regularly sent by APs in beacon frames. The major advantages of their method are that it is online and that they are able to eliminate the influence of clock skew of the measurement device.

Provided by: Institute of Electrical & Electronic Engineers Topic: Printers Date Added: Nov 2012 Format: PDF

Download Now

Find By Topic