By Peter Judge
05 September 2006
A new security technique promises to uniquely identify any WiFi device
in the world, so hackers cannot hide behind a fake MAC address.
Every wireless device has a unique signal "fingerprint" produced by
variations produced in the manufacturing process for silicon components,
according to Dr Jeyanthi Hall, of Carleton University in Ottawa.
As a doctoral student, Dr Hall analysed the RF signals of fifteen
devices from six manufacturers, and found it was possible to distinguish
clearly, even between devices from the same manufacturer.
Using "transceiverprints," Dr Hall got a detection rate of 95 percent,
and a false positive rate of zero, according to papers  submitted to
various conferences, including IEEE events on wireless and security.
She achieved this reliability in the task of "recognising" the
transceiverprint from a pre-recorded set - a job which could usefully be
built into a wireless IDS, she says in the paper. Beyond this, things
could get even more exciting: "It would be interesting to identify the
correct transceiver (from the set of all profiled transceivers), using
the same set of transceiverprints," she goes on.
Hall used a probabilistic neural network to work out the
transceiverprint and compare it with stored prints.
Although the signal processing equipment and analysis software is
specialised at present (see a brief by account  software vendor
Mathworks) it could eventually be delivered on a more general-purpose
signal processer system, Dr Hall hopes, according to a report in
Electronic Engineering Times.
Limiting network access to specific devices using MACs has been a
possible security technique for some time, and is included in many WiFi
However, it has mostly been dismissed by security professionals, as it
is easy to spoof the MAC address of a device. Comparing the MAC to a
pre-recorded transceiverprint would make an access control list based on
devices feasible again.
HITBSecConf2006 - Malaysia
The largest network security event in Asia
32 internationally renowned speakers
7 tracks of hands-on technical training sessions.
Register now: http://conference.hitb.org/hitbsecconf2006kl/