Discovering hackers by stealth: predicting fingerprinting attacks on honeypot systems

Nitin Naik, Paul Jenkins

Research output: Chapter in Book/Published conference outputConference publication

Abstract

Cybersecurity is becoming increasingly challenging due to escalating security attacks on networks. A honeypot system is an effective entrapment mechanism for collecting information about these attacks and attackers. Nonetheless, one of the biggest risks to the honeypot system is the possibility of being fingerprinted by an attacker. As a consequence of the fingerprinting, the identity of the honeypot system could be revealed or it could be transformed into a bot to attack others. Several efficacious methods are proposed to fingerprint the honeypot system or to prevent it. However, there is no method that can identify and predict fingerprinting in real-time, to save the honeypot system. Therefore, this paper proposes a technique to identify and predict fingerprinting attacks on the honeypot system in real-time. This technique is based on the fingerprinting process which necessitates a series of events by the attacker and by analysing these events contemporaneously, it is feasible to identify and predict the fingerprinting attack on the honeypot system. For the development of this technique, a popular honeypot tool KFSensor and fingerprinting tools Nmap and Xprobe2 are utilised to collect fingerprint data relating to the honeypot system. This data is analysed to detect the various attack techniques used by popular fingerprinting tools to propose a solution.

Original languageEnglish
Title of host publication4th IEEE International Symposium on Systems Engineering, ISSE 2018 - Proceedings
PublisherIEEE
ISBN (Electronic)9781538644461
DOIs
Publication statusPublished - 26 Nov 2018
Event4th IEEE International Symposium on Systems Engineering, ISSE 2018 - Roma, Italy
Duration: 1 Oct 20183 Oct 2018

Publication series

Name4th IEEE International Symposium on Systems Engineering, ISSE 2018 - Proceedings

Conference

Conference4th IEEE International Symposium on Systems Engineering, ISSE 2018
CountryItaly
CityRoma
Period1/10/183/10/18

Keywords

  • Cybersecurity
  • Fingerprinting Attack
  • Honeypot System
  • KFSensor
  • Nmap
  • OS Fingerprinting
  • TCP/IP Stack Fingerprinting
  • Xprobe2

Cite this