Abstract
Detecting devices connected to a network has become of serious importance for the network. Different devices differ in CPU scheduler, screen resolution and clock frequency, resulting in different performances when loading the same webpage. In this paper, we present a content-agnostic device identification method, a technique which decomposes webpage loading time and loads as the features to identify physical devices. This proposed method can deal with various types of devices such as mobiles, laptops, and other smart devices. We conduct experiments to evaluate the performance of the proposed method with real-world traffic. The experiment results demonstrate that the proposed method can accurately identify the types of devices from encrypted traffic and the recognition rate can reach \(98.4\%\). To demonstrate the scalability of the method, we heuristically applied it to website identification and found that it has better effects than existing methods.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Al-Shehari, T., Shahzad, F.: Improving operating system fingerprinting using machine learning techniques. Int. J. Comput. Theory Eng. 6(1), 57 (2014)
Beverly, R.: A robust classifier for passive TCP/IP fingerprinting. In: Barakat, C., Pratt, I. (eds.) PAM 2004. LNCS, vol. 3015, pp. 158–167. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24668-8_16
Bruce, S.: Applied Cryptography, 2nd edn. Wiley, Hoboken (1996)
Chen, Y.C., Liao, Y., Baldi, M., Lee, S.J., Qiu, L.: OS fingerprinting and tethering detection in mobile networks. In: Proceedings of the 2014 Conference on Internet Measurement Conference, pp. 173–180. ACM (2014)
Gayle, D.: This is a secure line: the groundbreaking encryption app that will scrample your calls and messages (2013)
Herrmann, D., Wendolsky, R., Federrath, H.: Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial naïve-bayes classifier. In: Proceedings of the 2009 ACM Workshop on Cloud Computing Security, pp. 31–42. ACM (2009)
Hjelmvik, E.: Passive network security analysis with networkminer. In: (IN)Secure, no. 18, pp. 1–100 (2008)
JetStream: Sunspider 1.0.2 javascript benchmark. https://webkit.org/perf/sunspider/sunspider.html Accessed 8 May 2017
Kohno, T., Broido, A., Claffy, K.C.: Remote physical device fingerprinting. IEEE Trans. Dependable Secure Comput. 2(2), 93–108 (2005)
Liberatore, M., Levine, B.N.: Inferring the source of encrypted HTTP connections. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 255–263. ACM (2006)
Lippmann, R., Fried, D., Piwowarski, K., Streilein, W.: Passive operating system identification from TCP/IP packet headers. In: Workshop on Data Mining for Computer Security, p. 40. Citeseer (2003)
Matoušek, P., Ryšavỳ, O., Grégr, M., Vymlátil, M.: Towards identification of operating systems from the internet traffic: IPFIX monitoring with fingerprinting and clustering. In: 2014 5th International Conference on Data Communication Networking (DCNET), pp. 1–7. IEEE (2014)
Matsunaka, T., Yamada, A., Kubota, A.: Passive OS fingerprinting by DNS traffic analysis. In: 2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA), pp. 243–250. IEEE (2013)
Medeiros, J.P.S., Brito, A.M., Pires, P.S.M.: A data mining based analysis of Nmap operating system fingerprint database. In: Herrero, Á., Gastaldo, P., Zunino, R., Corchado, E. (eds.) CISIS 2009. AINSC, vol. 63, pp. 1–8. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04091-7_1
Miłós, G., Murray, D.G., Hand, S., Fetterman, M.A.: Satori: enlightened page sharing. In: Proceedings of the 2009 Conference on USENIX Annual Technical Conference, p. 1 (2009)
Ornaghi, A., Valleri, M.: Ettercap. https://www.ettercap-project.org/. Accessed 28 Apr 2017
Radhakrishnan, S.V., Uluagac, A.S., Beyah, R.: GTID: a technique for physical device and device type fingerprinting. IEEE Trans. Dependable Secur. Comput. 12(5), 519–532 (2015)
Sarraute, C., Burroni, J.: Using neural networks to improve classical operating system fingerprinting techniques. arXiv preprint arXiv:1006.1918 (2010)
Schwartzenberg, J.: Using machine learning techniques for advanced passive operating system fingerprinting. Master’s thesis, University of Twente (2010)
Spitzner, L.: Know your enemy: passive fingerprinting. In: World Wide Web, March 2002
Zalewski, M.: p0f: passive OS fingerprinting tool. http://lcamtuf.coredump.cx/p0f.shtml. Accessed 6 May 2017
Acknowledgments
This paper is supported in part by NSFC under Grant 61472383, Grant U1709217, Grant 61728207, and Grant 61472385, and in part by the Natural Science Foundation of Jiangsu Province in China under Grant BK20161257.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Fang, P., Huang, L., Xu, H., He, Q. (2018). Smart Device Fingerprinting Based on Webpage Loading. In: Chellappan, S., Cheng, W., Li, W. (eds) Wireless Algorithms, Systems, and Applications. WASA 2018. Lecture Notes in Computer Science(), vol 10874. Springer, Cham. https://doi.org/10.1007/978-3-319-94268-1_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-94268-1_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-94267-4
Online ISBN: 978-3-319-94268-1
eBook Packages: Computer ScienceComputer Science (R0)