An Online Network Fingerprint Obfuscation Mechanism Against Network Reconnaissance
Network fingerprint detection is a crucial intelligence-gathering step prior to conducting network attacks. However, existing network fingerprint obfuscation techniques, which are typical countermeasures against fingerprint detection activities, still face issues such as high deployment complexity, non-transparency to end systems, and significant impact on network performance. To address these concerns, we propose a packet-based online obfuscation mechanism for resisting network fingerprint detection, named P4FO (P4-based fingerprint obfuscation mechanism), which leverages programmable data plane technology. P4FO uses the flexible packet processing capabilities of programmable switches to obfuscate network fingerprint information online in a manner transparent to end systems. Building on an analysis of the response rate characteristics of probing flows, the mechanism implements a two-phase "recognition-reconstruction" fingerprint obfuscation scheme, which integrates active probing flow recognition, false fingerprint customization, and online fingerprint obfuscation, and which can alleviate the resource constraints of programmable switches in high-speed network environments. Experiments based on real network traffic datasets show that P4FO outperforms current mainstream methods in combating network fingerprint detection, offering a more effective solution for the protection of network device fingerprints.