Project 2: 802.11 Fingerprinting


Tutor: Clémentine Maurice clementine.maurice AT irisa.fr

Context

802.11 is a set of standards ratified by the IEEE, describing the characteristics of a Wireless Local Area Network (WLAN). WLANs, i.e., networks based on 802.11 devices, are often referred to as “Wi-Fi networks”. They are widely adopted thanks to standardization and the resulting interoperability between wireless devices. Yet the wireless link has to deal with problems that have no analogy in the wired world, such as unreliable transmissions and potential attackers in the neighborhood who can easily interact with the network remotely. The 802.11 standard is therefore complicated, which leads to varying implementations.

Fingerprinting is the action of identifying a device by extracting some externally observable characteristics and using supervised learning. It results in a signature (an identifier for the device being fingerprinted) and a classification of the device. Fingerprinting can be used defensively, to detect and prevent MAC address spoofing by stations and rogue access points. It can also be used offensively, by identifying a configuration in order to target a specific vulnerability and launch a driver-specific exploit. It also raises a privacy question: one way to ensure anonymity in 802.11 networks is to regularly change a device's MAC address, which is supposed to be a unique identifier. However, if the device can be identified by its observable characteristics, tracking becomes possible without relying on any unique identifier.
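The defensive use described above can be sketched as follows. This is an added example, not part of the original project material: it derives a MAC-independent signature from the information elements of a probe request, classifies it against labelled examples, and flags a frame whose fingerprint disagrees with the device enrolled for its MAC address. The feature choice, the nearest-neighbour classifier, the function names and the sample frames are all assumptions made for illustration.

```python
import hashlib

def parse_ies(body: bytes):
    """Split a management-frame body into (tag, value) information elements."""
    ies, i = [], 0
    while i + 2 <= len(body):
        tag, length = body[i], body[i + 1]
        if i + 2 + length > len(body):  # truncated element: keep what parsed cleanly
            break
        ies.append((tag, body[i + 2:i + 2 + length]))
        i += 2 + length
    return ies

def features(body: bytes) -> frozenset:
    """MAC-independent features: IE order plus the values of capability-style IEs."""
    ies = parse_ies(body)
    feats = {"order:" + ",".join(str(t) for t, _ in ies)}
    # Tags 1, 50, 45 = supported rates, extended rates, HT capabilities.
    # The SSID (tag 0) value is skipped: it changes from probe to probe.
    feats |= {f"{t}:{v.hex()}" for t, v in ies if t in (1, 50, 45)}
    return frozenset(feats)

def signature(body: bytes) -> str:
    """Short stable identifier derived from the feature set."""
    return hashlib.sha256("|".join(sorted(features(body))).encode()).hexdigest()[:16]

def classify(body, training, threshold=0.5):
    """Nearest neighbour by Jaccard similarity over labelled (label, body) examples."""
    f = features(body)
    scored = [(len(f & features(b)) / len(f | features(b)), lab) for lab, b in training]
    score, label = max(scored)
    return label if score >= threshold else None

def check_claim(mac, body, enrolled, training):
    """Compare the fingerprint's label with the device enrolled for this MAC."""
    if mac not in enrolled:
        return "unknown-mac"
    return "ok" if classify(body, training) == enrolled[mac] else "possible-spoof"

def ie(tag, value):  # helper to build constructed sample elements
    return bytes([tag, len(value)]) + value

# Constructed sample probe-request bodies (not captured traffic).
PHONE = (ie(0, b"") + ie(1, bytes.fromhex("82848b96")) + ie(50, bytes.fromhex("0c121824"))
         + ie(45, bytes.fromhex("2d40") + bytes(24)))
LAPTOP = (ie(0, b"home") + ie(1, bytes.fromhex("02040b16"))
          + ie(45, bytes.fromhex("ef01") + bytes(24)) + ie(50, bytes.fromhex("3048606c")))
TRAINING = [("phone", PHONE), ("laptop", LAPTOP)]
ENROLLED = {"aa:bb:cc:00:00:01": "phone", "aa:bb:cc:00:00:02": "laptop"}
```

Because the signature ignores the source address, it stays the same when the MAC address changes, which is why a method of this kind has to be evaluated separately against MAC address randomization.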

Aim

Collect traces, implement an 802.11 fingerprinting method to identify devices, and evaluate the method.

Project progression

Help!

Collecting .pcap traces

We’re bored

Evaluate the method with MAC address randomization (available in some mobile devices or doable manually on your own computers).

Bibliography

During the final presentation, you should summarize these two papers: