A new method for recognizing operating systems of automation devices

TCP/IP fingerprinting is the task of identifying a machine's operating system from the implementation of its TCP/IP protocol stack. It can help automation technology professionals perform security tests against a device before putting it into production. Current tools that perform TCP/IP fingerprinting can damage the operation of automation devices because of the specially crafted TCP/IP packets they send to the probed devices. Instead of these packets, this paper proposes a technique that uses a simple TCP SYN message to collect TCP ISN (initial sequence number) samples. Signal processing tools are used to classify the operating systems based on these samples. We conclude that it is possible to recognize operating systems using only one open TCP port on the target machine without compromising the device's operation.
