We present a reliable method of PHY-layer fingerprinting of IEEE 802.15.4-conformant nodes with commodity digital radio chips widely used in building inexpensive IEEE 802.15.4-conformant devices. Typically, PHY-layer fingerprinting requires software-defined radios that cost orders of magnitude more than the chips they can fingerprint; our method does not require a software-defined radio and uses the same inexpensive chips. For mission-critical systems relying on 802.15.4 devices, defense-in-depth is thus necessary. Device fingerprinting has long been an important defensive tool; reducing its cost raises its utility for defenders. We investigate new methods of fingerprinting 802.15.4 devices by exploring techniques to differentiate between multiple 802.15.4-conformant radio-hardware manufacturers and firmware distributions, and point out the implications of these results for wireless intrusion detection systems (WIDS), both with respect to WIDS evasion techniques and countering such evasion.


Superseded by TR2014-479