Magnetics Seminar
“DO you know who is on your network?
DILON: Detecting Intrusions at Layer One.
A new approach for network security”
Dr. Mani Mina and Dr. Tom Daniels
Department of EE/CprE
Iowa State University
Determining and verifying identity in digital communications has long
been relegated to protocols that assume a cooperative participant with a
unique or distinctive identifier.
We present an architecture that uses analog properties of digital
devices to establish or confirm device identity in LAN's. We call this
architecture DILON: Detecting Intrusions at Layer ONe.
DILON is based on the notion that directly communicating devices can
observe more than just the "bits" on the media. Modern high speed ADCs
can oversample the network communications to extract identifying
information intrinsic to the device. By comparing this information to
known profiles, sender identity may be verified or used in a forensic
context.
We present our current research results and our methodology for signal
analysis that given enough traffic can differentiate Ethernet NICs
(Network Interface Cards) of the same model and manufacturing lot. We
conclude with a discussion of further approaches and other applications.