UMBC ebiquity research group Building intelligent systems in open, heterogeneous, dynamic, distributed environments
21 August 2008, 19:29:14 EDT  
remote fingerprinting of computers

Tim Finin, 3:48pm 5 March 2005

A ZDNet article, "How to track a PC anywhere it connects to the Net", describes research by UCSD grad student Tadayoshi Kohno that demonstrates how physical devices can be reliably identified remotely using clock skews.

“Anonymous Internet access is now a thing of the past. A doctoral student at the University of California has conclusively fingerprinted computer hardware remotely, allowing it to be tracked wherever it is on the Internet.

In a paper on his research, primary author and Ph.D. student Tadayoshi Kohno said: “There are now a number of powerful techniques for remote operating system fingerprinting, that is, remotely determining the operating systems of devices on the Internet. We push this idea further and introduce the notion of remote physical device fingerprinting … without the fingerprinted device’s known cooperation.”

The potential applications for Kohno’s technique are impressive. For example, “tracking, with some probability, a physical device as it connects to the Internet from different access points, counting the number of devices behind a NAT even when the devices use constant or random IP identifications, remotely probing a block of addresses to determine if the addresses correspond to virtual hosts (for example, as part of a virtual honeynet), and unanonymising anonymised network traces.”

A pre-print of Kohno’s paper is available:

T. Kohno, A. Broido, and KC Claffy, Remote physical device fingerprinting, 2005 IEEE Symposium on Security and Privacy, Oakland CA, May 8-11, 2005.

“We introduce the area of remote physical device fingerprinting, or fingerprinting a physical device, as opposed to an operating system or class of devices, remotely, and without the fingerprinted device’s known cooperation. We accomplish this goal by exploiting small, microscopic deviations in device hardware: clock skews. Our techniques do not require any modification to the fingerprinted devices. … Further, one can apply our passive and semi-passive techniques when the fingerprinted device is behind a NAT or firewall, and also when the device’s system time is maintained via NTP or SNTP.”
