Jisuanji kexue (Nov 2022)

Differential Privacy Based Fingerprinting Obfuscation Mechanism Towards NetworkReconnaissance Deception

  • HE Yuan, XING Chang-you, ZHANG Guo-min, SONG Li-hua, YU Hang

DOI
https://doi.org/10.11896/jsjkx.220400285
Journal volume & issue
Vol. 49, no. 11
pp. 351 – 359

Abstract

Read online

Network fingerprinting detection is an important network reconnaissance method,which can be used by attackers to obtain the fingerprinting characteristics of the target network,and then provide support for subsequent targeted attacks.Fingerprinting obfuscation technology enables attackers to form fake fingerprinting views by actively modifying the fingerprinting features in response packets.However,existing obfuscation methods are still insufficient in dealing with attackers’ strategic detection and analysis.To this end,a differential privacy based fingerprinting obfuscation mechanism(DPOF) towards network reconnaissance deception is proposed.Taking the idea of data privacy protection as a reference,DPOF first establishes a utility-driven differential privacy fingerprinting obfuscation model,and calculates the obfuscation probability of fake fingerprints with different utilities through the differential privacy exponential mechanism.On this basis,a fingerprinting obfuscation decision method under resource constraint is further designed,and an obfuscation strategy solving algorithm based on particle swarm optimization is implemented.Simulation results show that compared with the existing typical fingerprinting obfuscation methods,DPOF has better fingerprinting obfuscation effect with different problem scales and budgets,and can obtain a better approximate optimal strategy at a faster speed.

Keywords