IEEE 802.11 Chipset Fingerprinting by the Measurement of Timing Characteristics

Lackner, G. and Teufl, P.

    In this paper we present a technique to create WLAN device fingerprints by measuring timing properties without the use of special-purpose hardware. Our proposed process is absolutely passive and cannot be detected by the targeted device. The timing measurement is based on a delay caused by the hardware implementation of the CRC checksum algorithm at the network interface card (NIC) of the client. This delay turned out to be significant for a large number of different chipset implementations. The ability to identify connected devices could improve the security of a wireless network significantly. It could help to enhance access control mechanisms and would deliver valuable real-time information about the connected clients. As a proof of our concept we present a prototype implementation called WiFinger to evaluate our approach.
Cite as: Lackner, G. and Teufl, P. (2011). IEEE 802.11 Chipset Fingerprinting by the Measurement of Timing Characteristics. In Proc. Australasian Information Security Conference (AISC 2011) Perth, Australia. CRPIT, 116. Colin Boyd and Josef Pieprzyk Eds., ACS. 41-50