Network Protocol System Fingerprinting - A Formal Approach

G. Shu, D. Lee
2006 Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications  
Network protocol system fingerprinting has been recognized as an important issue and a major threat to network security. Prevalent works rely largely on human experiences and insight of the protocol system specifications and implementations. Such ad-hoc approaches are inadequate in dealing with large complex protocol systems. In this paper we propose a formal approach for automated protocol system fingerprinting analysis and experiment. Parameterized Extended Finite State Machine is used to
more » ... l protocol systems, and four categories of fingerprinting problems are formally defined. We propose and analyze algorithms for both active and passive fingerprinting and present our experimental results on Internet protocols. Furthermore, we investigate protection techniques against malicious fingerprinting and discuss the feasibility of two defense schemes, based on the protocol and application scenarios.
doi:10.1109/infocom.2006.157 dblp:conf/infocom/ShuL06 fatcat:k3hyblrldzbnhlrgwjtzszalnm