Product Details

Tool for mobile app fingerprinting

Created: 2020

Czech title
Nástroj pro vytváření otisku mobilní aplikace
Type
software
License
Use of the result by another entity is possible without acquiring a license in some cases
License Fee
The licensor does not require a license fee for the result
Authors
Matoušek Petr, doc. Ing., Ph.D., M.A. (DIFS)
Keywords

mobile app fingerprinting, JA3 fingerprinting, digital forensics, network
monitoring

Description

This tool computes JA3 and JA3S fingerprints for mobile apps using captured
network communication. Originally, the method was developped by John Althouse and
others, see
https://engineering.salesforce.com/tls-fingerprinting-with-ja3-and-ja3s-24736285
5967. Here, we apply this method on mobile apps and observe reliability and
stability of JA3 and JA3S fingerprints.

The script creates JA3+JA3S fingerprint databased based on the given dataset with
typical mobile app communication. For selection of fingerprints directly related
to the app we use Server Name Indication (SNI) string obtained from TLS
handshake. Depending on the app, the mobile app fingerprint is composed either by
JA3+JA3S hashes only, or as combination of JA3+SNI or JA3+JA3S+SNI.

Location

Viz https://github.com/matousp/ja3s-fingerprinting.

Projects
Integrated platform for analysis of digital data from security incidents, MV, Bezpečnostní výzkum České republiky 2015-2020, VI20172020062, start: 2017-01-01, end: 2020-06-30, running
Departments
Department of Information Systems (DIFS)
Back to top