Systems And Methods For Fingerprinting Physical Devices And Device Types Based On Network Traffic

Thumbnail Image
Files
9225732.pdf (999.28 KB)
Author(s)
Advisor(s)
Editor(s)
Associated Organization(s)
Organizational Unit
Series
Series
Collections
Research Publications
Supplementary to:
Permanent Link
http://hdl.handle.net/1853/57041
Abstract
Systems and methods for providing device and/or device type fingerprinting based on properties of network traffic originating from a device to be identified. In one implementation, the method includes capturing packets routed through a network at an intermediate node between the originating device to be identified and destination, measuring properties of the captured traffic, including packet inter-arrival time, and generating a signature based on the measured properties that includes identifying information about the hardware and/or software architecture of the device. Various implementations do not require deep packet inspection, do not require a managed device-side client, are protocol and packet payload agnostic, and effective for MAC or IP-level encrypted streams. Also, various implementations can provide wired-side detection of wireless devices and device types and can detect both previously detected and unknown devices.
Sponsor
Date
12/29/2015
Extent
Resource Type
Text
Resource Subtype
Patent
Rights Statement
Rights URI