Université du Luxembourg
Fingerprinting Techniques for Network Security.
Degree: 2015, Université du Luxembourg
Fingerprinting techniques aim to identify objects such as devices, data, users, or
even attacks, based on distinctive characteristics. The goal of this thesis is to de-
velop and evaluate methods for fingerprinting in different application domains and
to contribute to a better understanding of fingerprinting in general. We concentrate
on approaches that are applicable in practice to improve the security of computer
networks. We first introduce a novel formal model of the central concepts of finger-
printing in order to relate techniques to their particular application scenario. This
model allows the comparison of approaches and the evaluation of their effectiveness
for practical use.
The evil twin attack in 802.11 networks is a severe security problem that nei-
ther the industry nor the research community has found appropriate solutions for.
Motivated by this threat, we develop novel fingerprinting methods. We address this
challenge from two angles. In our first approach we exploit minuscule yet observable
inaccuracies in crystal-oscillator-driven computer clocks. We will show that several
conclusions drawn in the related research about the efficacy of this fingerprinting
feature are false. We then enhance state-of-the-art approaches and for the first time
provide a solution for remote physical device fingerprinting performed by typical
off-the-shelf client devices that is able to mitigate the evil twin threat in practice.
The second approach focuses on fingerprinting the behavioral characteristics of soft-
ware tools that have been developed or can be misused to mount the attack. As we
will show, our fingerprinting methods, which primarily exploit unavoidable low-level
characteristics, allow the reliable detection of such an attack strategy within a few
We then switch the perspective to the attacker’s side and investigate a finger-
printing method that has been proposed to attack anonymization networks such as
Tor by using traffic analysis, commonly referred to as website fingerprinting. We
propose a novel approach that outperforms state-of-the-art methods in this area. We
then evaluate for the first time the practical applicability of website fingerprinting
in a realistic scenario, while avoiding simplified assumptions predominantly made in
the related research. Our evaluation indicates that this particular threat, which is
considered to be a serious security problem affecting many users, is not as severe as
presumed. Therefore, concerns that have been raised and strategies for circumvent-
ing this attack that have been proposed need to be reconsidered.
Advisors/Committee Members: Engel, Thomas [superviser], Sorger, Ulrich [president of the jury], Scheuermann, Björn [member of the jury], Panchenko, Andriy [member of the jury], Spaniol, Otto [member of the jury].
Subjects/Keywords: Security; Fingerprinting; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
to Zotero / EndNote / Reference
APA (6th Edition):
Lanze, F. (2015). Fingerprinting Techniques for Network Security. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/20444
Chicago Manual of Style (16th Edition):
Lanze, Fabian. “Fingerprinting Techniques for Network Security.” 2015. Doctoral Dissertation, Université du Luxembourg. Accessed October 20, 2019.
MLA Handbook (7th Edition):
Lanze, Fabian. “Fingerprinting Techniques for Network Security.” 2015. Web. 20 Oct 2019.
Lanze F. Fingerprinting Techniques for Network Security. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2015. [cited 2019 Oct 20].
Available from: http://orbilu.uni.lu/handle/10993/20444.
Council of Science Editors:
Lanze F. Fingerprinting Techniques for Network Security. [Doctoral Dissertation]. Université du Luxembourg; 2015. Available from: http://orbilu.uni.lu/handle/10993/20444