Detail publikace

Mobile Device Fingerprinting

MATOUŠEK, P. BURGETOVÁ, I. VICTOR, M.

Originální název

Mobile Device Fingerprinting

Anglický název

Mobile Device Fingerprinting

Jazyk

en

Originální abstrakt

Network communication of mobile devices provides valuable information about installed apps, user activities and mobile device usage which can be interesting for network management and cyber security. Based on meta data obtained from mobile device communication, we can select specific features that can identify a device or app and form a mobile device fingerprinting. This report presents several mobile device fingerprinting techniques developed by the FIT BUT research team and discusses their usability, reliability and deployment for network monitoring and digital forensics. The presented techniques include mobile traffic profiling based on meta data obtained from common network protocols like HTTP, DNS, SSL, QUIC and DHCP. The report also shows how TLS fingerprinting method called JA3 can be applied on mobile communication. The obtained results demonstrate that combination of various features from TLS handshake together with DNS data can identify a mobile app with high precision.

Anglický abstrakt

Network communication of mobile devices provides valuable information about installed apps, user activities and mobile device usage which can be interesting for network management and cyber security. Based on meta data obtained from mobile device communication, we can select specific features that can identify a device or app and form a mobile device fingerprinting. This report presents several mobile device fingerprinting techniques developed by the FIT BUT research team and discusses their usability, reliability and deployment for network monitoring and digital forensics. The presented techniques include mobile traffic profiling based on meta data obtained from common network protocols like HTTP, DNS, SSL, QUIC and DHCP. The report also shows how TLS fingerprinting method called JA3 can be applied on mobile communication. The obtained results demonstrate that combination of various features from TLS handshake together with DNS data can identify a mobile app with high precision.

Dokumenty

BibTex


@techreport{BUT168667,
  author="Petr {Matoušek} and Ivana {Burgetová} and Malombe {Victor}",
  title="Mobile Device Fingerprinting",
  annote="Network communication of mobile devices provides valuable 
information about installed apps, user activities and mobile device usage which
can be interesting for network management and cyber security. Based on meta data
obtained from mobile device communication, we can select specific features that
can identify a device or app and form a mobile device fingerprinting. 

This report presents several mobile device fingerprinting techniques developed by
the FIT BUT research team and discusses their usability, reliability and
deployment for network monitoring and digital forensics. The presented techniques
include mobile traffic profiling based on meta data obtained from common network
protocols like HTTP, DNS, SSL, QUIC and DHCP. The report also shows how TLS
fingerprinting method called JA3 can be applied on mobile communication. The
obtained results demonstrate that combination of various features from TLS
handshake together with DNS data can identify a mobile app with high precision.",
  address="NEUVEDEN",
  chapter="168667",
  edition="NEUVEDEN",
  howpublished="online",
  institution="NEUVEDEN",
  year="2020",
  month="june",
  pages="0--0",
  publisher="NEUVEDEN",
  type="report"
}