Why CUJO AI Device Intelligence Is Unaffected by MAC Randomization

All posts

Artificial intelligence solves issues that seem insurmountable to network service providers (NSPs) relying on rule-based or list-based solutions, such as MAC addresses for Wi-Fi steering, authentication, and parental controls. Going beyond simplistic and unreliable hardware signatures, CUJO AI uses over a dozen unique identifiers to automatically analyze, detect, and identify over 50,000 device models and operating system versions without using any privacy-invading technologies.

Download the MAC randomization whitepaper to learn more.

MAC address randomization is a fair and legitimate method for increasing user privacy in a world where mobile devices and smartwatches probe every public Wi-Fi router. Nevertheless, network service providers (NSPs) face a grave reality where most of their systems still rely on MAC addresses as unique device identifiers. Solving this incongruence between privacy and network services is exactly where machine learning metadata analysis shines.

CUJO AI uses over a dozen unique identifiers to automatically analyze, detect, and identify over 50,000 device models and operating system versions without using any privacy-invading technologies.

Redundant Solutions Based on MAC Addresses

Most other device intelligence and analytics solutions still use MAC addresses as the only means to identify device types. This is an extremely flawed way of dealing with device identification, as we expect close to 30% of all mobile devices to randomize their MAC addresses in 2021. This also includes the first 3 octets of a MAC address, which identify the device manufacturer and model – essential pieces of data for network management and statistics.

mac randomization impact on network service providers

The largest broadband networks already see 0.5-1% of all devices randomizing their MAC addresses daily. Currently, these are mostly Apple devices upgrading to the newest iOS version. CUJO AI Explorer reliably de-randomizes and merges the historical usage records of these devices.

Using MAC addresses as device identifiers beyond Layer 2 communications never was an intended use, and with the natural drive towards privacy, it can be summed up in a single quote: “Do not trust the MAC address.”

Solving MAC Randomization

CUJO AI enables a more reliable and secure online experience for over 700 million devices worldwide. Since Apple devices started upgrading to iOS 14, we see a 200-300% daily increase of ‘new devices’ on our customers’ networks. Explorer successfully manages to link, merge, and de-duplicate additional MAC addresses, allowing the NSP to maintain an accurate device inventory. Real-life data shows that CUJO AI can identify and classify over 75% of devices on a network in under 5 minutes. This number reaches over 92% in the next 24 hours.

Explorer’s Device Intelligence is a MAC-agnostic solution that does not rely on MAC addresses. It uses over a dozen unique identifiers to classify over 50,000 device models. This is a staggering number, knowing that most NPS networks do not have more than 20,000 unique device models. Our extensive IoT and mobile device database increases by at least 1,000 new models and operating system versions monthly.

Part of a Much Broader Device Intelligence Solution

MAC de-randomization is just a single feature of CUJO AI Explorer’s Device Intelligence suite. In addition to device detection and classification, CUJO AI Explorer provides NSPs with content classification, aggregated network data as well as a real-time API solution for bringing network monitoring and security data straight to the end-user.

CUJO AI fully supports online privacy, and all our products are non-invasive for the end-user. We use machine learning algorithms to identify device types and not to track particular devices. Explorer’s Device Intelligence capabilities enable any NSP to continue providing services, attributing the right policies, and creating robust, reliable services for end users.

Machine Learning for Device Intelligence, Metadata Analysis, and De-duplication for Network Service Providers

As MAC randomization makes traditional device intelligence obsolete, machine learning algorithms step in to analyze non-private metadata. Robust algorithms look for unique signature combinations that allow network operators to keep up-to-date network traffic usage statistics, better unique device count estimations.

  • Analyzing the metadata solely with our patented Device Intelligence solution, network service providers ensure precise historical usage data with extremely low false positives.
  • No software is needed on end-user devices – creating a low-friction environment on networks is a priority for scalable solutions. We have a proven record with our cloud-based solutions managing over 700 million devices.
  • CUJO AI offers network operators a cloud-based solution that keeps all network data in their possession at all times.
  • Our artificial intelligence solution proves it can solve the issues caused by MAC randomization in under 5 minutes, thus providing a reliable source of network data for analysts.


Why CUJO AI’s Device Identification Works Better than Anything Else on the Market

Explorer is a robust multi-factor solution that has more scalability and flexibility than list-based control systems. Combining unique metadata signatures from thousands of devices is a great challenge that we have evidently solved with a great success rate. Using machine learning is, at the very least, 50% more efficient than solutions that rely on hostname leveraging, based on extensive internal testing done by the CUJO AI Labs team.

Using machine learning and AI for these issues only becomes better over time, as the algorithms can be made more flexible and robust than any traditional solution without becoming obsolete. At our current pace, we are adding over 1,000 new IoT and mobile devices, as well as firmware and OS signatures and their combinations to our database every month.

As our algorithms can detect tens of thousands of device and OS models, we enable NSPs to manage not only the newest devices, but also those that might be vulnerable, obsolete and no longer supported.

Explorer offers NSPs a simple 3-step process for Device Intelligence:

  1. Identification of device type, make, and model.
  2. Merging of historical records.
  3. Providing a single source of truth for network analytics and personalized solutions, such as pause internet, screen time schedules, and parental controls.


Find out more about CUJO AI Explorer.

CUJO AI: Looking into the Future

The global shift towards more user privacy is a strong trend, which can catch many traditional companies off-guard. We already observe devices that have unique signatures for every network they connect to. We know that relying on MAC addresses is no longer an option and strive to create a privacy-respecting solution that allows an NSP to identify the model of any device and flexibly apply the right policies, security solutions or controls.

CUJO AI Explorer is a step towards flexible network analytics and security, where generic solutions become obsolete, but vulnerable devices are quickly identified, classified, and protected in the best manner by machine learning algorithms.

We are currently working on testing an improved Explorer’s Device Intelligence solution that is even more efficient and quicker than the benchmarks noted in this article.