Magnifier: Detecting Network Access via Lightweight Traffic-based Fingerprints

• URL: http://arxiv.org/abs/2412.13428v1
• Date: Wed, 18 Dec 2024 01:45:07 GMT
• Title: Magnifier: Detecting Network Access via Lightweight Traffic-based Fingerprints
• Authors: Wenhao Li, Qiang Wang, Huaifeng Bao, Xiao-Yu Zhang, Lingyun Ying, Zhaoxuan Li,
• Abstract summary: We propose Magnifier for mobile device network access detection. Magnifier passively infers access patterns from backbone traffic at the gateway level. We have made both the Magnifier prototype and the NetCess2023 dataset publicly available.
• Score: 22.86294408673709
• License:
• Abstract: Network access detection plays a crucial role in global network management, enabling efficient network monitoring and topology measurement by identifying unauthorized network access and gathering detailed information about mobile devices. Existing methods for endpoint-based detection primarily rely on deploying monitoring software to recognize network connections. However, the challenges associated with developing and maintaining such systems have limited their universality and coverage in practical deployments, especially given the cost implications of covering a wide array of devices with heterogeneous operating systems. To tackle the issues, we propose Magnifier for mobile device network access detection that, for the first time, passively infers access patterns from backbone traffic at the gateway level. Magnifier's foundation is the creation of device-specific access patterns using the innovative Domain Name Forest (dnForest) fingerprints. We then employ a two-stage distillation algorithm to fine-tune the weights of individual Domain Name Trees (dnTree) within each dnForest, emphasizing the unique device fingerprints. With these meticulously crafted fingerprints, Magnifier efficiently infers network access from backbone traffic using a lightweight fingerprint matching algorithm. Our experimental results, conducted in real-world scenarios, demonstrate that Magnifier exhibits exceptional universality and coverage in both initial and repetitive network access detection in real-time. To facilitate further research, we have thoughtfully curated the NetCess2023 dataset, comprising network access data from 26 different models across 7 brands, covering the majority of mainstream mobile devices. We have also made both the Magnifier prototype and the NetCess2023 dataset publicly available\footnote{https://github.com/SecTeamPolaris/Magnifier}.

Related papers

• Locality Sensitive Hashing for Network Traffic Fingerprinting [5.062312533373298]
  We use locality-sensitive hashing (LSH) for network traffic fingerprinting. Our method increases the accuracy of state-of-the-art by 12% achieving around 94% accuracy in identifying devices in a network.
  arXiv  Detail & Related papers  (2024-02-12T21:14:37Z)
• GanFinger: GAN-Based Fingerprint Generation for Deep Neural Network Ownership Verification [8.00359513511764]
  We propose a network fingerprinting approach, named as GanFinger, to construct the network fingerprints based on the network behavior. GanFinger significantly outperforms the state-of-the-arts in efficiency, stealthiness, and discriminability. It achieves a remarkable 6.57 times faster in fingerprint generation and boosts the ARUC value by 0.175, resulting in a relative improvement of about 26%.
  arXiv  Detail & Related papers  (2023-12-25T05:35:57Z)
• Towards a Near-real-time Protocol Tunneling Detector based on Machine Learning Techniques [0.0]
  We present a protocol tunneling detector prototype which inspects, in near real time, a company's network traffic using machine learning techniques. The detector monitors unencrypted network flows and extracts features to detect possible occurring attacks and anomalies. Results show 97.1% overall accuracy and an F1-score equals to 95.6%.
  arXiv  Detail & Related papers  (2023-09-22T09:08:43Z)
• AFR-Net: Attention-Driven Fingerprint Recognition Network [47.87570819350573]
  We improve initial studies on the use of vision transformers (ViT) for biometric recognition, including fingerprint recognition. We propose a realignment strategy using local embeddings extracted from intermediate feature maps within the networks to refine the global embeddings in low certainty situations. This strategy can be applied as a wrapper to any existing deep learning network (including attention-based, CNN-based, or both) to boost its performance.
  arXiv  Detail & Related papers  (2022-11-25T05:10:39Z)
• Bandwidth-efficient distributed neural network architectures with application to body sensor networks [73.02174868813475]
  This paper describes a conceptual design methodology to design distributed neural network architectures. We show that the proposed framework enables up to a factor 20 in bandwidth reduction with minimal loss. While the application focus of this paper is on wearable brain-computer interfaces, the proposed methodology can be applied in other sensor network-like applications as well.
  arXiv  Detail & Related papers  (2022-10-14T12:35:32Z)
• A Single-Target License Plate Detection with Attention [56.83051142257412]
  Neural Network is commonly adopted to the License Plate Detection (LPD) task and achieves much better performance and precision, especially CNN-based networks can achieve state of the art RetinaNet. For a single object detection task such as LPD, modified general object detection would be time-consuming, unable to cope with complex scenarios and a cumbersome weights file that is too hard to deploy on the embedded device.
  arXiv  Detail & Related papers  (2021-12-12T03:00:03Z)
• Finding Facial Forgery Artifacts with Parts-Based Detectors [73.08584805913813]
  We design a series of forgery detection systems that each focus on one individual part of the face. We use these detectors to perform detailed empirical analysis on the FaceForensics++, Celeb-DF, and Facebook Deepfake Detection Challenge datasets.
  arXiv  Detail & Related papers  (2021-09-21T16:18:45Z)
• MD-CSDNetwork: Multi-Domain Cross Stitched Network for Deepfake Detection [80.83725644958633]
  Current deepfake generation methods leave discriminative artifacts in the frequency spectrum of fake images and videos. We present a novel approach, termed as MD-CSDNetwork, for combining the features in the spatial and frequency domains to mine a shared discriminative representation.
  arXiv  Detail & Related papers  (2021-09-15T14:11:53Z)
• Federated Learning for Intrusion Detection System: Concepts, Challenges and Future Directions [0.20236506875465865]
  Intrusion detection systems play a significant role in ensuring security and privacy of smart devices. The present paper aims to present an extensive and exhaustive review on the use of FL in intrusion detection system.
  arXiv  Detail & Related papers  (2021-06-16T13:13:04Z)
• Characterization and Identification of Cloudified Mobile Network Performance Bottlenecks [0.0]
  This study is a first attempt to experimentally explore the range of performance bottlenecks that 5G mobile networks can experience. In particular, we find that distributed analytics performs reasonably well both in terms of bottleneck identification accuracy and incurred computational and communication overhead.
  arXiv  Detail & Related papers  (2020-07-22T14:46:51Z)
• Firearm Detection and Segmentation Using an Ensemble of Semantic Neural Networks [62.997667081978825]
  We present a weapon detection system based on an ensemble of semantic Convolutional Neural Networks. A set of simpler neural networks dedicated to specific tasks requires less computational resources and can be trained in parallel. The overall output of the system given by the aggregation of the outputs of individual networks can be tuned by a user to trade-off false positives and false negatives.
  arXiv  Detail & Related papers  (2020-02-11T13:58:16Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.