Skip to Main Content
This paper demonstrates the effectiveness of the method for determining spoofed MAC Addresses by extracting a fingerprint of constant traffic to specific IP destinations. This method, called DTF (Destination Traffic Fingerprint), was described in detail by the authors . This paper presents results of the DTF method in a software tool called NetDTF, which is able to capture traffic in real time and analyze the MAC addresses of network stations based on fingerprints taken for each one of them.
Date of Conference: 27-29 May 2010