Investigating the Accuracy of Wired and Wireless TCP/IP Fingerprinting on Honeyd

ABSTRACT

TCP/IP fingerprinting is a technique used to identify the unique network stack characteristics of an Operating System (OS) and may identify a digital device by its version, vendor and operating platform. The popular network scanning tool Network Mapper (NMAP) employs TCP/IP fingerprinting to discover host to a high degree of granularity from the manipulation of flag settings in packets. In this research, the honeyd honeynet was configured to test the accuracy of NMAP OS name resolution over a wired and wireless medium. The results indicated how the TCP/IP spoofing capabilities of honeyd could be a realistic network countermeasure.


AUTHORS

School of Computer and Information Science, Edith Cowan University
Australia

Suen Yek is a doctoral candidate within the School of Computer and Information Science at Edith Cowan University in Perth, Western Australia. Her research is on wireless honeynets and the application of deceptive mechanisms for countermeasures against network attacks. Suen holds a Bachelor of Science (Software Engineering) with Honours and a Bachelor of Business (Marketing).

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Media Parner to JIW.

Media Partner

Keywords

C

C2
C2S
CDX
CIA
CIP
CPS

I

IA
ICS

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.234.6664
  • jiw@gbpts.com