An SDN-Based Fingerprint Hopping Method to Prevent Fingerprinting Attacks

Fingerprinting attacks are among the most severe threats to network security. A fingerprinting attack aims to obtain the operating system information of target hosts in preparation for later attacks. In this paper, a fingerprint hopping method (FPH) based on software-defined networking is proposed to defend against fingerprinting attacks. FPH applies the idea of moving target defense by presenting a hopping fingerprint to fingerprinting attackers. The interaction between the fingerprinting attack and its defense is modeled as a signal game, and the equilibria of the game are analyzed to derive an optimal defense strategy. Experiments show that FPH resists fingerprinting attacks effectively.
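The following is an added illustration of the hopping idea in the abstract; it is not code from the paper and does not reproduce FPH's actual design or its signal-game strategy selection. It assumes a small constructed table of OS profiles (the TTL, window size, DF flag and TCP option order that active fingerprinting tools compare), a hopping period measured in probes rather than in time, and a keyed PRF that chooses the decoy profile for each period so that the schedule is unpredictable to the prober but reproducible by the defender. The prober-side matcher and the consistency score are also constructed for the demonstration.

```python
import hashlib
import hmac
from collections import Counter

# Constructed, illustrative OS profiles holding the fields a SYN/ACK-based
# fingerprinting probe typically compares. Values are only loosely modelled on
# common stack defaults; this is NOT a real fingerprint database.
PROFILES = {
    "profile-A": {"ttl": 64,  "window": 29200, "df": 1, "opts": "MSS,SACK,TS,NOP,WS"},
    "profile-B": {"ttl": 128, "window": 8192,  "df": 1, "opts": "MSS,NOP,WS,NOP,NOP,SACK"},
    "profile-C": {"ttl": 64,  "window": 65535, "df": 1, "opts": "MSS,NOP,WS,SACK,TS"},
}


class StaticResponder:
    """Baseline with no hopping: every reply carries the host's true profile."""

    def __init__(self, true_profile):
        self.true_profile = true_profile

    def reply(self, probe_index):
        return dict(PROFILES[self.true_profile])


class FingerprintHopper:
    """Assumed controller-side model of fingerprint hopping.

    The protected host answers normally; the hopper rewrites the
    fingerprint-bearing fields of each reply to the decoy profile active in
    the current hopping period. The active profile is derived from a secret
    key and the period index (keyed PRF), and each hop is forced to pick a
    profile different from the previous one so the visible fingerprint really
    changes. probe_index is assumed to arrive in increasing order.
    """

    def __init__(self, key, period_len):
        self.key = key
        self.period_len = period_len  # probes per hopping period (assumption)
        self.names = sorted(PROFILES)
        self.active = None
        self.last_period = -1

    def _profile_for_period(self, period, previous):
        digest = hmac.new(self.key, period.to_bytes(8, "big"), hashlib.sha256).digest()
        candidates = [n for n in self.names if n != previous]
        return candidates[int.from_bytes(digest[:4], "big") % len(candidates)]

    def reply(self, probe_index):
        period = probe_index // self.period_len
        if period != self.last_period:
            self.active = self._profile_for_period(period, self.active)
            self.last_period = period
        # Return a copy so callers cannot mutate the shared profile table.
        return dict(PROFILES[self.active])


def classify(observed):
    """Prober-side matcher: the profile agreeing with the most observed fields."""
    best, best_score = None, -1
    for name, fields in PROFILES.items():
        score = sum(observed.get(k) == v for k, v in fields.items())
        if score > best_score:
            best, best_score = name, score
    return best


def scan(responder, n_probes):
    """Simulate n_probes probes and return the prober's per-probe guesses."""
    return [classify(responder.reply(i)) for i in range(n_probes)]


def consistency(guesses):
    """Fraction of probes agreeing with the majority guess; 1.0 means the
    prober saw a stable fingerprint, lower values mean the view is hopping."""
    _, count = Counter(guesses).most_common(1)[0]
    return count / len(guesses)


if __name__ == "__main__":
    key = b"constructed-demo-key"  # placeholder secret for the demonstration
    for name, responder in [("static", StaticResponder("profile-A")),
                            ("hopping", FingerprintHopper(key, period_len=5))]:
        guesses = scan(responder, 20)
        print(f"{name:8s} guesses={guesses} consistency={consistency(guesses):.2f}")
```

Against the static responder the prober recovers the true profile with a consistency of 1.0; against the hopper every period presents a different decoy, so a scan of several periods never converges on one answer. The period length and the profile table are the knobs a defender would tune; the paper's contribution is choosing the hopping strategy via the signal-game equilibrium, which this sketch does not model.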
