I am working on a project for identification of device. I understand the basic parameters can be IP, MAC, IMEI can be spoofed! But what about hardware signals like Clock skew data with TLS handshake methods? Also i was looking into a traffic patterns and how we can use them to differentiate between devices? Forgive me, if i sounded silly, Networking is not my domain yet, i have just started learning about it!
My question is actually, is it do-able, cause i just learnt that devices are now starting to get built to not 'stand out'? I dont want to write a paper but rather build a tool that uses data from methods like cpu jitter, clock skew, ntp offset! I know these datas are pretty difficult to obtain but if i were to build it, how useful would it be for the market right know!
While the industry treats 802.1x (tls) as the gold standard, it doesn't fit my vision. Forcing a device to download and manage certificates is 'intrusive' it disturbs the client and adds unnecessary overhead. I’m specifically looking out for legacy hardware; for example, on my own old phone, heavy cryptographic handshakes actually affects the performance and speed. My goal is to build something passive. I want to identify a device uniquely based on its 'natural' network behavior and hardware signals, without touching its configuration or asking it to change a single thing.
Again, i am still in my study phase but wanted to get a headstart, this is a vast territory to research, i wanted to narrow down somewhere! I keep finding solutions on the internet that is not implemented which makes me question 'why not?'.
If anyones got any idea, please feel free to guide me! or atleast guide me to the starting point!