Vol 5» 2006.Sep

Future Work - MAC vs. PHY Fingerprinting

The 802.11 standard specifies not only the media access control (MAC) layer of wireless networks, but also the physical (PHY) layer. This paper focuses on analyzing the MAC portion of the standard, but one could imagine a tool that analyzes aspects of the PHY for unique signatures.

Such a device would need the ability to analyze the frequency bands in which 802.11 operates (2.4GHz, 5GHz or the rarely-implemented IR band). Since the goal of the device is to analyze what typical consumer-level cards are doing, it would likely need components capable of measuring physical characteristics of the medium with higher precision than that available on commercially available 802.11 cards. Likely candidates for measurement by such a device include the type of preamble used in 802.11 frames and the thresholds used by cards to detect that the medium is busy.

This paper has demonstrated that it is possible to remotely determine which 802.11 implementation generated traffic by analyzing a small sample taken during the association phase. The technique outlined in this paper achieved a new level of resolution, successfully identifying not only chipsets, but device drivers and even device driver versions in many cases.