Magnetics Seminar

“DO you know who is on your network? DILON: Detecting Intrusions at Layer One. A new approach for network security”

Dr. Mani Mina and Dr. Tom Daniels Department of EE/CprE Iowa State University

Determining and verifying identity in digital communications has long been relegated to protocols that assume a cooperative participant with a unique or distinctive identifier.

We present an architecture that uses analog properties of digital devices to establish or confirm device identity in LAN's. We call this architecture DILON: Detecting Intrusions at Layer ONe.

DILON is based on the notion that directly communicating devices can observe more than just the "bits" on the media. Modern high speed ADCs can oversample the network communications to extract identifying information intrinsic to the device. By comparing this information to known profiles, sender identity may be verified or used in a forensic context.

We present our current research results and our methodology for signal analysis that given enough traffic can differentiate Ethernet NICs (Network Interface Cards) of the same model and manufacturing lot. We conclude with a discussion of further approaches and other applications.