Network Protocol System Fingerprinting - A Formal Approach

12 years 2 months ago
Network Protocol System Fingerprinting - A Formal Approach
— Network protocol system fingerprinting has been recognized as an important issue and a major threat to network security. Prevalent works rely largely on human experiences and insight of the protocol system specifications and implementations. Such ad-hoc approaches are inadequate in dealing with large complex protocol systems. In this paper we propose a formal approach for automated protocol system fingerprinting analysis and experiment. Parameterized Extended Finite State Machine is used to model protocol systems, and four categories of fingerprinting problems are formally defined. We propose and analyze algorithms for both active and passive fingerprinting and present our experimental results on Internet protocols. Furthermore, we investigate protection techniques against malicious fingerprinting and discuss the feasibility of two defense schemes, based on the protocol and application scenarios.
Guoqiang Shu, David Lee
Added 11 Jun 2010
Updated 11 Jun 2010
Type Conference
Year 2006
Authors Guoqiang Shu, David Lee
Comments (0)