[PATCH v2 0/2] Client Taxonomy

Denton Gentry dgentry at google.com
Sun Aug 14 21:42:47 PDT 2016 

This set of patches contains an implementation of the mechanism
described in "Passive Taxonomy of Wifi Clients using MLME Frame Contents"
by Denton Gentry and Avery Pennarun, at:

http://research.google.com/pubs/pub45429.html and
http://arxiv.org/abs/1608.01725

It allows an AP to identify the type of client connecting to it
by extracting a concise text signature from the Probe Request and
Association Request MLME frames the client sends.

Patch #1 contains the basic mechanism. src/ap/taxonomy.c is the
code which, given a copy of the Probe Request and Association
Request, will return the text signature string. src/ap/taxonomy.c
has been in use for some time in developing the mechanism.

Patch #1 also adds a "signature qq:rr:ss:tt:uu:vv" command in
hostapd_cli to retrieve the signature for a station. This code has
not been in use nearly so long, previously we had hostapd writing
signatures directly to files.

Patch #2 is an enhancement, much more recently developed. Storing
the Probe Request and Association Request in the sta_info_t means
that the Probe sent prior to association has nowhere to be stored
and is lost. There has to be another Probe, after association, before
the signature is available.

Patch #2 stores the Probe Request in the hostapd_sta_info, and makes
it available when the station later associates. This is done in a
separate patch because of concern about memory leaks. hostapd_sta_info
did not have dedicated alloc/free routines, it used malloc() and
free() directly. I've added dedicated alloc/free routines in this
patch.

v1 of this patch set used a configuration variable in hostapd.conf
to activate the feature. This version makes it a CONFIG_TAXONOMY
compile option, enabled by default.

Signed-off-by: dgentry at google.com (Denton Gentry)
Signed-off-by: denny at geekhold.com (Denton Gentry)
Signed-off-by: rofrankel at google.com (Richard Frankel)
Signed-off-by: richard at frankel.tv (Richard Frankel)

Denton Gentry (2):
  Passive Client Taxonomy
  taxonomy: store probes in hostapd_sta_info.

 hostapd/Makefile       |   5 +
 hostapd/ctrl_iface.c   |   5 +
 hostapd/defconfig      |   6 +
 hostapd/hostapd_cli.c  |  20 ++++
 src/ap/beacon.c        |  50 +++++++-
 src/ap/beacon.h        |   5 +
 src/ap/ctrl_iface_ap.c |  30 +++++
 src/ap/ctrl_iface_ap.h |   5 +
 src/ap/hostapd.c       |   2 +-
 src/ap/hostapd.h       |   4 +
 src/ap/ieee802_11.c    |   7 ++
 src/ap/sta_info.c      |  18 +++
 src/ap/sta_info.h      |   7 ++
 src/ap/taxonomy.c      | 311 +++++++++++++++++++++++++++++++++++++++++++++++++
 src/ap/taxonomy.h      |  21 ++++
 15 files changed, 494 insertions(+), 2 deletions(-)
 create mode 100644 src/ap/taxonomy.c
 create mode 100644 src/ap/taxonomy.h

-- 
2.8.0.rc3.226.g39d4020

More information about the Hostap mailing list