AOH :: ISN-2959.HTM

WiFi fingerprints could end MAC spoofing

WiFi fingerprints could end MAC spoofing
WiFi fingerprints could end MAC spoofing 

By Peter Judge
05 September 2006

A new security technique promises to uniquely identify any WiFi device 
in the world, so hackers cannot hide behind a fake MAC address.

Every wireless device has a unique signal "fingerprint" produced by 
variations produced in the manufacturing process for silicon components, 
according to Dr Jeyanthi Hall, of Carleton University in Ottawa.

As a doctoral student, Dr Hall analysed the RF signals of fifteen 
devices from six manufacturers, and found it was possible to distinguish 
clearly, even between devices from the same manufacturer.

Using "transceiverprints," Dr Hall got a detection rate of 95 percent, 
and a false positive rate of zero, according to papers [1] submitted to 
various conferences, including IEEE events on wireless and security.

She achieved this reliability in the task of "recognising" the 
transceiverprint from a pre-recorded set - a job which could usefully be 
built into a wireless IDS, she says in the paper. Beyond this, things 
could get even more exciting: "It would be interesting to identify the 
correct transceiver (from the set of all profiled transceivers), using 
the same set of transceiverprints," she goes on.

Hall used a probabilistic neural network to work out the 
transceiverprint and compare it with stored prints.

Although the signal processing equipment and analysis software is 
specialised at present (see a brief by account [2] software vendor 
Mathworks) it could eventually be delivered on a more general-purpose 
signal processer system, Dr Hall hopes, according to a report in 
Electronic Engineering Times.

Limiting network access to specific devices using MACs has been a 
possible security technique for some time, and is included in many WiFi 

However, it has mostly been dismissed by security professionals, as it 
is easy to spoof the MAC address of a device. Comparing the MAC to a 
pre-recorded transceiverprint would make an access control list based on 
devices feasible again.


HITBSecConf2006 - Malaysia 
The largest network security event in Asia 
32 internationally renowned speakers 
7 tracks of hands-on technical training sessions. 
Register now: 

Site design & layout copyright © 1986-2015 CodeGods