Wednesday, 6 September 2006

Wi-Fi Fingerprints Could End MAC Spoofing

Unauthorized Bluetooth devices or rogue devices can impersonate legitimate devices through address and link key spoofing. Moreover, they can infiltrate a Bluetooth network and initiate other forms of attacks. The paper ‘Detecting Rogue Devices In Bluetooth Networks Using Radio Frequency Fingerprinting’ by Dr Jeyanthi Hall, a post-graduate working at Carleton University in Ottawa investigates a novel intrusion detection approach, which makes use of Radio Frequency Fingerprinting (RFF) for profiling, Hotelling’s statistics for classification and a decision filter, for detecting these devices. RFF is a technique that is used to uniquely identify a transceiver based on the transient portion of the signal it generates. Moreover, the use of a statistical classifier proves advantageous in minimizing requirements for memory. Finally, the detection rate is also improved by incorporating a decision filter, which takes the classification results of a set of events into consideration, prior to rendering the final decision. The average False Alarm Rate of five percent and Detection Rate of ninety-three percent support the feasibility of employing these components to address the aforementioned problem.

Hall used a probabilistic neural network to work out the transceiverprint and compare it with stored prints. Although the signal processing equipment and analysis software is specialised at present it could eventually be delivered on a more general-purpose signal processer system, Dr Hall hopes, according to a report in Electronic Engineering Times.

Limiting network access to specific devices using MACs has been a possible security technique for some time, and is included in many Wi-Fi systems. However, security professionals have mostly dismissed it, as it is easy to spoof the MAC address of a device. Comparing the MAC to a pre-recorded transceiverprint would make an access control list based on devices feasible again.