Computer Science

Computer Science ›› 2022, Vol. 49 ›› Issue (11): 351-359.doi: 10.11896/jsjkx.220400285

• Information Security • Previous Articles     Next Articles

Differential Privacy Based Fingerprinting Obfuscation Mechanism Towards NetworkReconnaissance Deception

HE Yuan, XING Chang-you, ZHANG Guo-min, SONG Li-hua, YU Hang   

  1. College of Command and Control Engineering,Army Engineering University of PLA,Nanjing 210007,China
  • Received:2022-04-28 Revised:2022-07-23 Online:2022-11-15 Published:2022-11-03
  • About author:HE Yuan,born in 1998,postgraduate.His main research interests include cyber deception defense and game theory.
    XING Chang-you,born in 1982,Ph.D,professor.His main research interests include network proactive defense,software defined networking and network measurement.
  • Supported by:
    National Natural Science Foundation of China(62172432,61772271).

PDF (PC)

346

Abstract: Network fingerprinting detection is an important network reconnaissance method,which can be used by attackers to obtain the fingerprinting characteristics of the target network,and then provide support for subsequent targeted attacks.Fingerprinting obfuscation technology enables attackers to form fake fingerprinting views by actively modifying the fingerprinting features in response packets.However,existing obfuscation methods are still insufficient in dealing with attackers’ strategic detection and analysis.To this end,a differential privacy based fingerprinting obfuscation mechanism(DPOF) towards network reconnaissance deception is proposed.Taking the idea of data privacy protection as a reference,DPOF first establishes a utility-driven differential privacy fingerprinting obfuscation model,and calculates the obfuscation probability of fake fingerprints with different utilities through the differential privacy exponential mechanism.On this basis,a fingerprinting obfuscation decision method under resource constraint is further designed,and an obfuscation strategy solving algorithm based on particle swarm optimization is implemented.Simulation results show that compared with the existing typical fingerprinting obfuscation methods,DPOF has better fingerprinting obfuscation effect with different problem scales and budgets,and can obtain a better approximate optimal strategy at a faster speed.

Key words: Fingerprinting obfuscation, Differential privacy, Network reconnaissance, Cyber deception defense

CLC Number: 

  • TP393
[1]LYON G F.Nmap network scanning:The official Nmap project guide to network discovery and security scanning[M].US:Insecure,2008.
[2]AUFFRET P.SinFP,unification of active and passive operating system fingerprinting[J].Journal in Computer Virology,2010,6(3):197-205.
[3]KOHNO T,BROIDO A,CLAFFY K C.Remote physical device fingerprinting[J].IEEE Transactions on Dependable and Secure Computing,2005,2(2):93-108.
[4]BRYANT B D,SAIEDIAN H.A novel kill-chain framework for remote security log analysis with SIEM software[J].Computers &Security,2017,67:198-210.
[5]ZHU M,ANWAR A H,WAN Z L,et al.A survey of defensive deception:Approaches using game theory and machine learning[J].IEEE Communications Surveys & Tutorials,2021,23(4):2460-2493.
[6]AKSOY A,LOUIS S,GUNES M H.Operating system finger-printing via automated network traffic analysis[C]//2017 IEEE Congress on Evolutionary Computation(CEC).IEEE,2017:2502-2509.
[7]HAGOS D H,YAZIDI A,KURE Ø,et al.A Machine-Learning-Based Tool for Passive OS Fingerprinting With TCP Variant as a Novel Feature[J].IEEE Internet of Things Journal,2020,8(5):3534-3553.
[8]HAGOS D H,LØLAND M,YAZIDI A,et al.Advanced PassiveOperating System Fingerprinting Using Machine Learning and Deep Learning[C]//2020 29th International Conference on Computer Communications and Networks(ICCCN).IEEE,2020:1-11.
[9]YE D Y,ZHU T Q,SHEN S,et al.A differentially private gametheoretic approach for deceiving cyber adversaries[J].IEEE Transactions on Information Forensics and Security,2020,16:569-584.
[10]SCHLENKER A,THAKOOR O,XU H F,et al.Deceiving cyber adversaries:A game theoretic approach[C]//International Conference on Autonomous Agents and Multiagent Systems.2018:892-900.
[11]ALBANESE M,BATTISTA E,JAJODIA S.A deception based approach for defeating OS and service fingerprinting[C]//2015 IEEE Conference on Communications and Network Security(CNS).IEEE,2015:317-325.
[12]WANG Y L,GUO J,ZHANG J C,et al.Moving OS fingerprint adaptively in SDN network[C]//2017 3rd IEEE International Conference on Computer and Communications(ICCC).IEEE,2017:438-442.
[13]SHI Y,ZHANG H G,WANG J,et al.Chaos:An SDN-based moving target defense system[J].arXiv:1704.01482,2017.
[14]PAWLICK J,COLBERT E,ZHU Q Y.A game-theoretic taxo-nomy and survey of defensive deception for cybersecurity and privacy[J].ACM Computing Surveys(CSUR),2019,52(4):1-28.
[15]LIU J W,LIU J J,LU Y L,et al.Optimal Defense Strategy Selection Method Based on Network Attack-Defense Game Model[J].Computer Science,2018,45(6):117-123.
[16]LI S H,ZHANG G M,SONG L H,et al.Incomplete Information Game Theoretic Analysis to Defend Fingerprinting[J].Computer Science,2021,48(8):291-299.
[17]JAJODIA S,PARK N,PIERAZZI F,et al.A probabilistic logic of cyber deception[J].IEEE Transactions on Information Forensics and Security,2017,12(11):2532-2544.
[18]RAHMAN M A,HASAN M G M M,MANSHAEI M H,et al.A game-theoretic analysis to defend against remote operating system fingerprinting[J].Journal of Information Security and Applications,2020,52:102456.
[19]PAWLICK J,COLBERT E,ZHU Q Y.Modeling and analysis of leaky deception using signaling games with evidence[J].IEEE Transactions on Information Forensics and Security,2018,14(7):1871-1886.
[20]BILINSKI M,FERGUSON-WALTER K,FUGATE S,et al.You only lie twice:A multi-round cyber deception game of questionable veracity[C]//International Conference on Decision and Game Theory for Security.Cham:Springer,2019:65-84.
[21]SUN P Y,ZHANG H W,MA J Q,et al.A Selection Strategy for Network Security Defense Based on a Time Game Model[C]//2021 International Conference on Digital Society and Intelligent Systems(DSInS).IEEE,2021:223-228.
[22]WAN Z L,CHO J H,ZHU M,et al.Foureye:Defensive Deception Against Advanced Persistent Threats via Hypergame Theory[J].IEEE Transactions on Network and Service Management,2021,19(1):112-129.
[23]DWORK C.Differential privacy[C]//International Colloquium on Automata,Languages,and Programming.Berlin:Springer,2006:1-12.
[24]HASSAN M U,REHMANI M H,CHEN J J.Differential privacy techniques for cyber physical systems:a survey[J].IEEE Communications Surveys & Tutorials,2019,22(1):746-789.
[25]WEI K,LI J,DING M,et al.Federated learning with differential privacy:Algorithms and performance analysis[J].IEEE Transa-ctions on Information Forensics and Security,2020,15:3454-3469.
[26]JIANG B,LI J Q,YUE G H,et al.Differential Privacy for Industrial Internet of Things:Opportunities,Applications,and Challenges[J].IEEE Internet of Things Journal,2021,8(13):10430-10451.
[1] TANG Ling-tao, WANG Di, ZHANG Lu-fei, LIU Sheng-yun. Federated Learning Scheme Based on Secure Multi-party Computation and Differential Privacy [J]. Computer Science, 2022, 49(9): 297-305.
[2] GAO Chun-gang, WANG Yong-jie, XIONG Xin-li. MTDCD:A Hybrid Defense Mechanism Against Network Intrusion [J]. Computer Science, 2022, 49(7): 324-331.
[3] HUANG Jue, ZHOU Chun-lai. Frequency Feature Extraction Based on Localized Differential Privacy [J]. Computer Science, 2022, 49(7): 350-356.
[4] WANG Mei-shan, YAO Lan, GAO Fu-xiang, XU Jun-can. Study on Differential Privacy Protection for Medical Set-Valued Data [J]. Computer Science, 2022, 49(4): 362-368.
[5] KONG Yu-ting, TAN Fu-xiang, ZHAO Xin, ZHANG Zheng-hang, BAI Lu, QIAN Yu-rong. Review of K-means Algorithm Optimization Based on Differential Privacy [J]. Computer Science, 2022, 49(2): 162-173.
[6] SHI Kun, ZHOU Yong, ZHANG Qi-liang, JIANG Shun-rong. Privacy-preserving Scheme of Energy Trading Data Based on Consortium Blockchain [J]. Computer Science, 2022, 49(11): 335-344.
[7] WANG Xiu-jun, MO Lei, ZHENG Xiao, GAO Yun-quan. Adaptive Histogram Publishing Algorithm for Sliding Window of Data Stream [J]. Computer Science, 2022, 49(10): 344-352.
[8] DONG Xiao-mei, WANG Rui, ZOU Xin-kai. Survey on Privacy Protection Solutions for Recommended Applications [J]. Computer Science, 2021, 48(9): 21-35.
[9] SUN Lin, PING Guo-lou, YE Xiao-jun. Correlation Analysis for Key-Value Data with Local Differential Privacy [J]. Computer Science, 2021, 48(8): 278-283.
[10] LI Shao-hui, ZHANG Guo-min, SONG Li-hua, WANG Xiu-lei. Incomplete Information Game Theoretic Analysis to Defend Fingerprinting [J]. Computer Science, 2021, 48(8): 291-299.
[11] ZHANG Xue-jun, YANG Hao-ying, LI Zhen, HE Fu-cun, GAI Ji-yang, BAO Jun-da. Differentially Private Location Privacy-preserving Scheme withSemantic Location [J]. Computer Science, 2021, 48(8): 300-308.
[12] CHEN Tian-rong, LING Jie. Differential Privacy Protection Machine Learning Method Based on Features Mapping [J]. Computer Science, 2021, 48(7): 33-39.
[13] WANG Le-ye. Geographic Local Differential Privacy in Crowdsensing:Current States and Future Opportunities [J]. Computer Science, 2021, 48(6): 301-305.
[14] PENG Chun-chun, CHEN Yan-li, XUN Yan-mei. k-modes Clustering Guaranteeing Local Differential Privacy [J]. Computer Science, 2021, 48(2): 105-113.
[15] LIU Ya-qun, XING Chang-you, GAO Ya-zhuo, ZHANG Guo-min. TopoObfu:A Network Topology Obfuscation Mechanism to Defense Network Reconnaissance [J]. Computer Science, 2021, 48(10): 278-285.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.