Passive Data Link Layer 802.11 Wireless Device Driver Fingerprinting

Motivated by the proliferation of wireless-enabled devices and the suspect nature of device driver code, we develop a passive fingerprinting technique that identifies the wireless device driver running on an IEEE 802.11 compliant device. This technique is valuable to an attacker wishing to conduct reconnaissance against a potential target so that he may launch a driver-specific exploit.

In particular, we develop a unique fingerprinting technique that accurately and efficiently identifies the wireless driver without modification to or cooperation from a wireless device. We perform an evaluation of this fingerprinting technique that shows it both quickly and accurately fingerprints wireless device drivers in real world wireless network conditions. Finally, we discuss ways to prevent fingerprinting that will aid in improving the security of wireless communication for devices that employ 802.11 networking.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {268896,
author = {Jason Franklin and Damon McCoy},
title = {Passive Data Link Layer 802.11 Wireless Device Driver Fingerprinting},
booktitle = {15th USENIX Security Symposium (USENIX Security 06)},
year = {2006},
address = {Vancouver, B.C. Canada},
url = {https://www.usenix.org/conference/15th-usenix-security-symposium/passive-data-link-layer-80211-wireless-device-driver},
publisher = {USENIX Association},
month = jul
}
Download

Presentation Video

Presentation Audio

Links

Paper: 
http://usenix.org/events/sec06/tech/full_papers/franklin/franklin.pdf
Paper (HTML): 
http://usenix.org/events/sec06/tech/full_papers/franklin/franklin_html/index.html