Device Identification Flashcards

1
Q

What is the definition of device identification in wireless networks?

A

The ability to uniquely identify a user or device based on a unique ID such as MAC address, IMEI or MEID for mobile phones.

2
Q

What are some of the goals and applications of device identification?

A

Authentication, localization, tracking, navigation, intrusion detection, and new application domains like smart healthcare or autonomous UAVs.

3
Q

What are the two main categories of device identification methods in wireless networks?

A

Passive and active identification methods.

4
Q

What is the difference between passive and active device identification methods?

A

Passive methods are based on observing the communication traffic of the target device to extract features that distinguish the device or its components. Active methods generate targeted traffic with the target device and then observe its behavior.

5
Q

What are some examples of device identification characteristics in different layers?

A

Signal intelligence, modulation errors, packet contents, or behavior.

6
Q

How is the classification of the characteristics (fingerprints) usually done?

A

Using a standard classifier, such as the nearest neighbor classifier.

7
Q

What are some examples of device identification use cases?

A

Authentication, tracking, intrusion detection, and new application domains.

8
Q

What are some examples of passive and active attackers of different power levels, and their capabilities and goals?

A

Passive attackers only observe the communication traffic of the target device, while active attackers generate targeted traffic with the target device and then observe its behavior.

9
Q

What are some real-life device identification scenarios?

A

Wardriving, counting visitors, traffic load, and UAV detection.

10
Q

What are some examples of passive identification techniques by packet evaluation and signal intelligence?

A

Packet evaluation looks at the content of the packets, while signal intelligence looks at the properties of the signals.

11
Q

What are some examples of passive identification: statistical approaches?

A

Using statistical classification and regression models on RF features, such as non-parametric features of complex IQ signals of ZigBee devices.

12
Q

What are some examples of passive identification: transient-based approaches?

A

Using the time between the start of ramping up to full power before a new transmission, called the transient signal, to identify devices.

13
Q

What are some examples of passive identification: modulation-based approaches?

A

Using modulation-based errors to identify devices, such as frequency offset, sync correlation, I/Q origin offset, and magnitude/phase offset.

14
Q

What are some examples of passive identification: other signal-based approaches?

A

Using RSS-based, permutation-entropy-based, or other methods to identify devices based on signal characteristics.

15
Q

What are some examples of passive identification: positioning-based identification?

A

Using the relative signal power and CSI to locate and track devices in space.

16
Q

What are some examples of passive identification: approaches not using packet content?

A

These approaches are independent of the protocol and the data, and only rely on the signal properties.

17
Q

What are some examples of passive identification: approaches using behavior?

A

These approaches use the statistical analysis of the rate at which data link layer frames are transmitted by a device, which depends on the specific driver.

18
Q

What are some examples of passive identification: approaches using scrambler-seeds?

A

These approaches use the pseudo-random bitstring added on top of the data stream to ensure certain properties of the signal, and exploit the predictability of the scrambler state.

19
Q

What are some examples of passive identification: approaches using identifiers?

A

These approaches use the device identifiers, such as MAC, IMEI, or WPS UUID, to make devices addressable and identifiable.

20
Q

What are some examples of passive identification: approaches using information elements (IEs)?

A

These approaches use the optional or mandatory IEs in Wi-Fi packets, which hint at the capabilities or features of the devices.

21
Q

What is the purpose of MAC randomization in wireless networks?

A

To prevent device tracking by changing the MAC address periodically.

22
Q

What is the main challenge of MAC randomization in wireless networks?

A

It is not part of any specification and different vendors implement it differently.

23
Q

What are some examples of active device identification attacks that exploit MAC randomization in wireless networks?

A

AP impersonation, Bluetooth correlation, WiFi-based IMSI collector.

24
Q

What is the name of the bit in the first byte of the MAC address that indicates whether the MAC address is global or local?

A

The universal/local bit.

25
Q

What is the name of the field in the Wi-Fi frame header that contains the first seven feedback bits of the scrambler state?

A

The scrambler init field.

26
Q

What is the name of the technique that uses the ramp-up time of the signal from channel noise to full power to identify wireless devices?

A

Transient-based identification.

27
Q

What is the name of the list that contains the SSIDs of the networks that a device has previously connected to or prefers to connect to?

A

The preferred network list.

28
Q

What is the name of the attack that listens to directed probe requests by the target device and impersonates an access point using an SSID that was observed?

A

The Karma attack.

29
Q

What are some examples of passive identification techniques by packet evaluation and signal intelligence?

A

Packet evaluation looks at the content of the packets, while signal intelligence looks at the properties of the signals.

30
Q

What are some examples of passive identification: statistical approaches?

A

Using statistical classification and regression models on RF features, such as non-parametric features of complex IQ signals of ZigBee devices.

31
Q

What are some examples of passive identification: transient-based approaches?

A

Using the time between the start of ramping up to full power before a new transmission, called the transient signal, to identify devices.

32
Q

What are some examples of passive identification: modulation-based approaches?

A

Using modulation-based errors to identify devices, such as frequency offset, sync correlation, I/Q origin offset, and magnitude/phase offset.

33
Q

What are some examples of passive identification: other signal-based approaches?

A

Using RSS-based, permutation-entropy-based, or other methods to identify devices based on signal characteristics.

34
Q

What are some examples of passive identification: positioning-based identification?

A

Using the relative signal power and CSI to locate and track devices in space.

35
Q

What are some examples of passive identification: approaches not using packet content?

A

These approaches are independent of the protocol and the data, and only rely on the signal properties.

36
Q

What are some examples of passive identification: approaches using behavior?

A

These approaches use the statistical analysis of the rate at which data link layer frames are transmitted by a device, which depends on the specific driver.

37
Q

What are some examples of passive identification: approaches using scrambler-seeds?

A

These approaches use the pseudo-random bitstring added on top of the data stream to ensure certain properties of the signal, and exploit the predictability of the scrambler state.

38
Q

What are some examples of passive identification: approaches using identifiers?

A

These approaches use the device identifiers, such as MAC, IMEI, or WPS UUID, to make devices addressable and identifiable.

39
Q

What are some examples of passive identification: approaches using information elements (IEs)?

A

These approaches use the optional or mandatory IEs in Wi-Fi packets, which hint at the capabilities or features of the devices.

40
Q

What is the difference between passive and active device identification methods in wireless networks?

A

Passive methods are based on observing the communication traffic of the target device to extract features that distinguish the device or its components. Active methods generate targeted traffic with the target device and then observe its behavior.