Detail publikace
Mobile Device Fingerprinting
MATOUŠEK, P. BURGETOVÁ, I. VICTOR, M.
Originální název
Mobile Device Fingerprinting
Anglický název
Mobile Device Fingerprinting
Jazyk
en
Originální abstrakt
Network communication of mobile devices provides valuable information about installed apps, user activities and mobile device usage which can be interesting for network management and cyber security. Based on meta data obtained from mobile device communication, we can select specific features that can identify a device or app and form a mobile device fingerprinting. This report presents several mobile device fingerprinting techniques developed by the FIT BUT research team and discusses their usability, reliability and deployment for network monitoring and digital forensics. The presented techniques include mobile traffic profiling based on meta data obtained from common network protocols like HTTP, DNS, SSL, QUIC and DHCP. The report also shows how TLS fingerprinting method called JA3 can be applied on mobile communication. The obtained results demonstrate that combination of various features from TLS handshake together with DNS data can identify a mobile app with high precision.
Anglický abstrakt
Network communication of mobile devices provides valuable information about installed apps, user activities and mobile device usage which can be interesting for network management and cyber security. Based on meta data obtained from mobile device communication, we can select specific features that can identify a device or app and form a mobile device fingerprinting. This report presents several mobile device fingerprinting techniques developed by the FIT BUT research team and discusses their usability, reliability and deployment for network monitoring and digital forensics. The presented techniques include mobile traffic profiling based on meta data obtained from common network protocols like HTTP, DNS, SSL, QUIC and DHCP. The report also shows how TLS fingerprinting method called JA3 can be applied on mobile communication. The obtained results demonstrate that combination of various features from TLS handshake together with DNS data can identify a mobile app with high precision.
Dokumenty
BibTex
@techreport{BUT168667,
author="Petr {Matoušek} and Ivana {Burgetová} and Malombe {Victor}",
title="Mobile Device Fingerprinting",
annote="Network communication of mobile devices provides valuable
information about installed apps, user activities and mobile device usage which
can be interesting for network management and cyber security. Based on meta data
obtained from mobile device communication, we can select specific features that
can identify a device or app and form a mobile device fingerprinting.
This report presents several mobile device fingerprinting techniques developed by
the FIT BUT research team and discusses their usability, reliability and
deployment for network monitoring and digital forensics. The presented techniques
include mobile traffic profiling based on meta data obtained from common network
protocols like HTTP, DNS, SSL, QUIC and DHCP. The report also shows how TLS
fingerprinting method called JA3 can be applied on mobile communication. The
obtained results demonstrate that combination of various features from TLS
handshake together with DNS data can identify a mobile app with high precision.",
address="NEUVEDEN",
chapter="168667",
edition="NEUVEDEN",
howpublished="online",
institution="NEUVEDEN",
year="2020",
month="june",
pages="0--0",
publisher="NEUVEDEN",
type="report"
}