Publication detail

Mobile Device Fingerprinting

MATOUŠEK, P. BURGETOVÁ, I. VICTOR, M.

Original Title

Mobile Device Fingerprinting

Type

report

Language

English

Original Abstract

Network communication of mobile devices provides valuable information about installed apps, user activities and mobile device usage which can be interesting for network management and cyber security. Based on meta data obtained from mobile device communication, we can select specific features that can identify a device or app and form a mobile device fingerprinting. This report presents several mobile device fingerprinting techniques developed by the FIT BUT research team and discusses their usability, reliability and deployment for network monitoring and digital forensics. The presented techniques include mobile traffic profiling based on meta data obtained from common network protocols like HTTP, DNS, SSL, QUIC and DHCP. The report also shows how TLS fingerprinting method called JA3 can be applied on mobile communication. The obtained results demonstrate that combination of various features from TLS handshake together with DNS data can identify a mobile app with high precision.

Keywords

mobile fingerprinting, TLS, profiling, JA3, digital forensics

Authors

MATOUŠEK, P.; BURGETOVÁ, I.; VICTOR, M.

Released

30. 6. 2020

Location

FIT-TR-2020-05, Brno

Pages count

65

URL

BibTex

@techreport{BUT168667,
  author="Petr {Matoušek} and Ivana {Burgetová} and Malombe {Victor}",
  title="Mobile Device Fingerprinting",
  year="2020",
  address="FIT-TR-2020-05, Brno",
  pages="65",
  url="https://www.fit.vut.cz/research/publication/12313/"
}