基于802.11帧的无线设备指纹生成方法

Generating fingerprint for wireless device based on 802.11 frames

针对无线网络中的节点仿冒等安全威胁,无线设备的身份识别成为了亟待研究的问题。在现有的识别方法中,MAC地址由于启用了随机化技术已不再适合作为无线设备的唯一标识,而依赖连接的设备指纹提取方式易暴露提取者的身份,存在安全隐患。文章提出了一种无连接的设备指纹生成方法,通过侦听802.11协议的管理帧提取无线设备的指纹,利用信息熵选取特征并进行量化评估,最后通过相似哈希(SimHash)算法生成独特的设备指纹。在真实数据集的实验表明,文章生成的指纹识别粒度相较于识别品牌平均提升了5.68倍,并发现同一品牌的不同指纹具有明显的关联性,相似度在51.75%~94.15%。

In response to security threats such as node spoofing in wireless networks,identifying wireless devices has become a critical issue.Among existing approaches,MAC address is no longer suitable as the unique identifier due to the randomization technology,and extracting fingerprint after network association tend to violate conductor's privacy.This article proposes a pre-association device fingerprint generation method,which extracts wireless device fingerprint information from the 802.11 management frames.The features are extracted and evaluated by entropy metrics,and then a similarity hash algorithm is used to generate an unique fingerprint.Experiments on real-world datasets show that the fingerprint recognition granularity generated by the proposed method is increased by an average of 5.68 times compared to the brand recognition,and different fingerprints of the same brand have certain similarities,ranging from 51.75%to 94.15%.