本研究利用時脈偏移裝置識別技術，針對可攜式裝置進行多種類型變數的實驗，以便求得量測足夠精確度之時脈偏移所需之最短時間。在本研究中，客戶端裝置與伺服器連接後，由客戶端多次傳送時間戳記，而伺服器利用已收集的時間戳記來計算客戶端裝置相對於伺服器的時脈偏移值。
本研究依據過去的相關研究選取了線性迴歸、快速分段取最小值與線性規劃三種演算法來估算偏移值，並比較三種結果在穩定性、雜訊影響度、受離群值影響程度等方面之優劣。在前置研究中，首先探討了硬體規格與震盪頻率對時脈偏移的估算會不會有所影響；其次利用封包遺失率、標準差以及收送兩端裝置的封包間隔比來鑑別單一實驗結果是否有足夠的代表性；第三點驗證中位數比平均值與縮減平均值更適合做為每個實驗的代表性時脈偏移值；最後說明在不同作業系統中各選定的時間估算函數有何差異。
經由前置研究的結果，主體研究部分設計出在可攜式裝置上，值得去分析的四個變數：擷取的封包數量、封包間隔時間、網路類型與各自搭配相異作業系統的裝置。透過分析實驗結果，可得知封包數量越多估算越準、封包間隔時間越長估算越穩定、WiFi比3G網路在估算上穩定、搭載不同作業系統的裝置需要對不同的變數有所調整才能有較高的精確度等事實。整體來說，無論在WiFi或3G環境下使用任何一種可攜式裝置，若在至少500毫秒之封包間隔收集5000個封包，則有98%以上的機率估算出來的時脈偏移其誤差在0.7ppm~1ppm之間。

In this study, we conducted experiments on different kinds of mobile devices, with each a set of 10 different configurations was applied and tested, to find out the minimum time to measure clock skews of enough precision so as to identify mobile devices via network connections. Clock skews of these mobile devices, or the clients, was measured by the server which has collected thousands of timestamps from the clients.
Three algorithms including linear regression method (LRM), quick piecewise minimum (QPM), and linear programming method (LPM) were compared by their performance on stability, noise effect, and vulnerability to outliers. In preliminary research part, we at first discussed hardware configuration may affects the oscillator frequency, and how these two factors would affect the measurement of clock skew. Secondly, we discussed how the rate of packets missing, standard deviation, and the ratio of packet interval in client and in server can help to judge experiment results. Thirdly, we argue that median is better to find a representative clock skew in every experiment than average and trimmed mean. And last, we summarized the difference of get time functions of different operating systems and programming languages.
According to the results of preliminary research part, we selected four parameters and designed experiments accordingly. The selected parameters include amount of packets, packet interval time, network type, and built-in operating systems of mobile devices. The experiment results suggest that larger amount of packets and longer packets interval time would derive better estimating result; Estimation would be stabler in WiFi environment than in 3G; Devices with different operating systems would perform differently in the same configuration and thus require different parameters to obtain more precise estimation. In conclusion, there is at least 98% probability that a clock skew of error from 0.7 to 1 ppm can be measured with 5,000 timestamps, 500 ms packet sending interval, from any mobile device with WiFi or 3G connection.

[1] D.-J. Huang, K.-T. Yang, C.-C. Ni, W.-C. Teng, T.-R. Hsiang, and Y.-J. Lee, "Clock skew based client device identification in cloud environments," in Proceedings of the 26th IEEE International Conference on Advanced Information Networking and Applications, pp. 526-533, March 2012.
[2] J. Hall, M. Barbeau, and E. Kranakis, “Detection of transient in radio frequency fingerprinting using signal phase,”in Proceedings of IASTED International Conference on Wireless and Optical Communications (WOC ’03),pp. 13-18, 2003.
[3] R. M. Gerdes, T. E. Daniels, M. Mina, and S. F. Russell, “Device identification via analog signal fingerprinting: A matched filter approach,” in Proceedings of the 2006 Network and Distributed System Security Symposium (NDSS ’06), Feb 2006.
[4] K. Bonne Rasmussen and S. Capkun, “Implications of radio fingerprinting on the security of sensor networks,”in Proceedings of 3rd International Conference on Security and Privacy in Communications Networks and the Workshops, pp. 331-340, Sept 2007.
[5] P. Eckersley, “How unique is your web browser?”in Proceedings of Privacy Enhancing Technologies. Springer Berlin / Heidelberg, vol. 6205, pp. 1–18, 2010.
[6] T. Kohno, A. Broido, and K. Claffy, “Remote physical device fingerprinting, ” in IEEE Transactions on Dependable and Secure Computing, vol. 2, no. 2, pp. 93–108, 2005.
[7] S. J. Murdoch, “Hot or not: revealing hidden services by their clock skew,” in Proceedings of the 13th ACM Conference on Computer and Communications Security, New York, NY, USA, pp. 27–36,2006
[8] R. Dingledine, N. Mathewson, and P. Syverson. “Tor: The Second-Generation Onion Router,” in Proceedings of the 13th USENIX Security Symposium, Aug 2004.
[9] S. Zander and S. J. Murdoch, “An improved clock-skew measurement technique for revealing hidden services,” in Proceedings of the 17th conference on Security symposium. Berkeley, CA, USA: USENIX Association, pp. 211–225, 2008.
[10] D.-J. Huang, W.-C. Teng, C.-Y. Wang, H.-Y. Huang, and J. M. Hellerstein, “Clock skew based node identification in wireless sensor networks,” in Proceedings of IEEE Global Telecommunications Conference, pp. 1877–1881, 2008.
[11] Jana, S. and Kasera, S. K. “On Fast and Accurate Detection of Unauthorized Wireless Access Points Using Clock Skews,” in Proceedings of the 14th ACM International Conference on Mobile Computing and Networking, New York, pp. 104-115, 2008.
[12] R. Watro, D. Kong, S. fen Cuti, C. Gardiner, C. Lynn, and P. Kruus, “Tinypk: Securing Sensor Networks with Public Key Technology,” in Proceedings of the Second ACM Workshop on Security of Ad hoc and Sensor Networks (SASN '04), pp. 59-64, 2004.
[13] M. Uddin and C. Castelluccia, “Toward clock skew based wireless sensor node services,”in Proceedings of the 5th Annual ICST Wireless Internet Conference (WICON 2010), pp. 1-9, Mar 2010.
[14] M. A. Vouk, “Cloud computing: Issues, research and implementations,” n Proceedings of the 30th International Conference on Information Technology Interfaces, pp. 31-40, June 2008.
[15] M. Jensen, J. Schwenk, N. Gruschka, and L. Iacono, “On technical security issues in cloud computing,” in Proceedings of IEEE International Conference on Cloud Computing, 2009. (CLOUD ’09), pp. 109–116, Sept 2009.
[16] L. Kaufman, “Data security in the world of cloud computing,” IEEE Security Privacy, vol. 7, no. 4, pp. 61–64, July-Aug 2009.
[17] H. Li, Y. Dai, L. Tian, and H. Yang, “Identity-based authentication for cloud computing,”in Proceedings of Cloud Computing. Springer Berlin / Heidelberg, vol. 5931, pp. 157–166, 2009.
[18] C. Schridde, T. Dornemann, E. Juhnke, B. Freisleben, and M. Smith, “An identity-based security infrastructure for cloud environments,”in Proceedings of 2010 IEEE International Conference on Wireless Communications, Networking and Information Security (WCNIS), pp. 644–649, June 2010.
[19] S. Subashini and V. Kavitha, “A survey on security issues in service delivery models of cloud computing,” Journal of Network and Computer Applications, vol. 34, no. 1, pp. 1–11, 2011.
[20] S. Moon, P. Skelly and D. Towsley, "Estimation and removal of clock skew from network delay measurements," in Proceedings of 18th Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 1, pp. 227-234, Mar 1999.
[21] N. Megiddo, “Linear-time algorithms for linear programming in r3 and related problems,” in Proceedings of the 23rd Annual Symposium on Foundations of Computer Science, ser. SFCS ’82, pp. 329-338, 1982.
[22] M. E. Dyer, “Linear time algorithms for two- and three-variable linear programs,” SIAM Journal on Computing, vol. 13, no 1, pp. 31-45, 1984.
[23] V. Paxson, ``On calibrating measurements of packet transit times,'' in Proceedings of the 1998 ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems, pp. 11--21, 1998.