A new security technique promises to uniquely identify any Wi-Fi device in the world, so hackers cannot hide behind a fake MAC address.
Every wireless device has a unique signal "fingerprint" produced by variations produced in the manufacturing process for silicon components, according to Dr Jeyanthi Hall, a post-graduate working at Carleton University in Ottawa.
As a doctoral student, Dr Hall analyzed the RF signals of fifteen devices from six manufacturers, and found it was possible to distinguish clearly, even between devices from the same manufacturer.
Using "transceiverprints", Dr Hall got a detection rate of 95 percent, and a false positive rate of zero, according to a draft paper submitted to the IEEE Transactions on Dependable and Secure Computing.
She achieved this reliability in the task of "recognizing" the transceiverprint from a pre-recorded set - a job which could usefully be built into a wireless IDS, she says in the paper. Beyond this, things could get even more exciting: "It would be interesting to identify the correct transceiver (from the set of all profiled transceivers), using the same set of transceiverprints," she goes on.
Hall used a probabilistic neural network to work out the transceiverprint and compare it with stored prints. Although the signal processing equipment and analysis software is specialized at present it could eventually be delivered on a more general-purpose signal processer system, Dr Hall hopes, according to a report in Electronic Engineering Times.
Limiting network access to specific devices using MACs has been a possible security technique for some time, and is included in many Wi-Fi systems. However, it has mostly been dismissed by security professionals, as it is easy to spoof the MAC address of a device. Comparing the MAC to a pre-recorded transceiverprint would make an access control list based on devices feasible again.