Minutiae: A Formal Methodology for Accurate Protocol Fingerprinting

Author

Shu, Guoqiang ; Lee, David

Author_Institution

Ohio State Univ., Columbus

fYear

2007

fDate

16-16 Oct. 2007

Firstpage

1

Lastpage

6

Abstract

We study the new problem of network protocol fingerprinting, which has been recognized as both a threat to cyberspace privacy and a useful technique for intrusion detection. This paper provides the first taxonomy of fingerprint matching and discovery problems based on a formal fingerprint model call Minutiae. The FSM based Minutiae model captures more structural characteristics of a protocol implementation than the traditional trace-based representation, and therefore enables rigid analysis and more accurate fingerprinting algorithms. We first introduce our formal model and classification of fingerprinting problems; then propose solution for each category of problem illustrated with examples. For all algorithms we also present analysis of their time complexity.

Keywords

computational complexity; computer crime; computer networks; data privacy; fingerprint identification; pattern classification; pattern matching; protocols; telecommunication security; FSM based Minutiae model; Minutiae formal fingerprint model; accurate network protocol fingerprinting problem; cyberspace privacy; fingerprint discovery problem; fingerprint matching problem; intrusion detection; time complexity; Algorithm design and analysis; Computer science; Decoding; Encoding; Fingerprint recognition; Fingers; Privacy; Protocols; Reachability analysis; Taxonomy;

fLanguage

English

Publisher

ieee

Conference_Titel

Secure Network Protocols, 2007. NPSec 2007. 3rd IEEE Workshop on

Conference_Location

Beijing

Print_ISBN

978-1-4244-1603-5

Electronic_ISBN

978-1-4244-1603-5

Type

conf

DOI

10.1109/NPSEC.2007.4371620

Filename

4371620