On Reliability of Clock-skew-based Remote Computer Identification

Libor Polčák, Barbora Franková

2014

Abstract

Clocks have a small in-built error. As the error is unique, each clock can be identified. This paper explores remote computer identification based on the estimation of clock skew computed from network packets. The previous knowledge of the method is expanded in various ways: (1) we argue about the amount of data that is necessary to get accurate clock skew estimation, (2) the study of different time stamp sources unveils several irregularities that hinders the identification, and (3) the distribution of clock skew in real network makes the precise identification hard or even impossible.

References

  1. Banse, C., Herrmann, D., and Federrath, H. (2012). Tracking users on the internet with behavioral patterns: Evaluation of its practical feasibility. In Information Security and Privacy Research, volume 376, pages 235-248. Springer Berlin Heidelberg, DE.
  2. Ding-Jie Huang, Kai-Ting Yang, Chien-Chun Ni, WeiChung Teng, Tien-Ruey Hsiang, and Yuh-Jye Lee (2012). Clock skew based client device identification in cloud environments. In Advanced Information Networking and Applications, pages 526-533.
  3. Eckersley, P. (2010). How unique is your web browser? In Privacy Enhancing Technologies, volume 6205 of Lecture Notes in Computer Science, pages 1-18. Springer Berlin Heidelberg, DE.
  4. Herrmann, D., Gerber, C., Banse, C., and Federrath, H. (2012). Analyzing characteristic host access patterns for re-identification of web user sessions. In Information Security Technology for Applications, volume 7127, pages 136-154. Springer Berlin Heidelberg, DE.
  5. Jacobson, V., Braden, B., and Borman, D. (1992). RFC 1323 TCP Extensions for High Performance.
  6. Jana, S. and Kasera, S. (2010). On fast and accurate detection of unauthorized wireless access points using clock skews. IEEE Transactions on Mobile Computing, 9(3):449-462.
  7. Kohno, T., Broido, A., and Claffy, K. (2005). Remote physical device fingerprinting. IEEE Transactions on Dependable and Secure Computing, 2(2):93-108.
  8. Kumpos?t, M. (2008). Context Information and User Profiling. PhD thesis, Masaryk University, CZ.
  9. Lanze, F., Panchenko, A., Braatz, B., and Zinnen, A. (2012). Clock skew based remote device fingerprinting demystified. In Global Communications Conference, pages 813-819.
  10. Mills, D. L., Martin, J., Burbank, J., and Kasch, W. (2010). RFC 5905 Network Time Protocol Version 4: Protocol and Algorithms Specification.
  11. Murdoch, S. J. (2006). Hot or not: Revealing hidden services by their clock skew. In Computer and Communications Security, pages 27-36, New York, NY, USA. ACM.
  12. Polc?ák, L., Jirásek, J., and Matous?ek, P. (2013). Comments on ”Remote physical device fingerprinting”. IEEE Transactions on Dependable and Secure Computing. Pre-prints.
  13. Sharma, S., Hussain, A., and Saran, H. (2012). Experience with heterogenous clock-skew based device fingerprinting. In Workshop on Learning from Authoritative Security Experiment Results, pages 9-18. ACM.
  14. Zander, S. and Murdoch, S. J. (2008). An improved clockskew measurement technique for revealing hidden services. In Proceedings of the 17th Conference on Security Symposium, pages 211-225, Berkeley, CA, USA. USENIX Association.
Download


Paper Citation


in Harvard Style

Polčák L. and Franková B. (2014). On Reliability of Clock-skew-based Remote Computer Identification . In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 291-298. DOI: 10.5220/0005048502910298


in Bibtex Style

@conference{secrypt14,
author={Libor Polčák and Barbora Franková},
title={On Reliability of Clock-skew-based Remote Computer Identification},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={291-298},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005048502910298},
isbn={978-989-758-045-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - On Reliability of Clock-skew-based Remote Computer Identification
SN - 978-989-758-045-1
AU - Polčák L.
AU - Franková B.
PY - 2014
SP - 291
EP - 298
DO - 10.5220/0005048502910298