A game-theoretic approach for deceiving remote operating system fingerprinting

Mohammad Ashiqur Rahman, Mohammad Hossein Manshaei, Ehab Al-Shaer

Research output: Chapter in Book/Report/Conference proceedingConference contribution

22 Scopus citations

Abstract

Remote Operating System (OS) Fingerprinting is a precursory step for launching attacks on the Internet. As a precaution against potential attacks, a remote machine can take a proactive counter-strategy to deceive fingerprinters. This is done by normalizing or mystifying the distinguishing behaviors in the packets. However, the unified modification causes significant performance degradation to benign clients. Using a game-theoretic approach, we propose a selective and dynamic mechanism for counter-fingerprinting. We first model and analyze the interaction between a fingerprinter and a target as a signaling game. We derive the Nash equilibrium strategy profiles based on the information gain analysis. Based on our game results, we design DeceiveGame, a mechanism to prevent or to significantly slow down fingerprinting attacks. Our game-theoretic approach appropriately distinguishes a fingerprinter from a benign client and mystifies packets to confuse the fingerprinter, while minimizing the side effects on benign clients. Our performance analysis shows that DeceiveGame can reduce the probability of success of the fingerprinter significantly, without deteriorating the overall performance of other clients.

Original languageEnglish (US)
Title of host publication2013 IEEE Conference on Communications and Network Security, CNS 2013
PublisherIEEE Computer Society
Pages73-81
Number of pages9
ISBN (Print)9781479908950
DOIs
StatePublished - 2013
Externally publishedYes
Event1st IEEE International Conference on Communications and Network Security, CNS 2013 - Washington, DC, United States
Duration: Oct 14 2013Oct 16 2013

Publication series

Name2013 IEEE Conference on Communications and Network Security, CNS 2013

Other

Other1st IEEE International Conference on Communications and Network Security, CNS 2013
Country/TerritoryUnited States
CityWashington, DC
Period10/14/1310/16/13

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'A game-theoretic approach for deceiving remote operating system fingerprinting'. Together they form a unique fingerprint.

Cite this