EEMCS EPrints Service

Education

Research

Prospective Students

Jobs

Publications

Intranet (internal)

Nederlands

Contact

Sitemap

Organisation

18789 Using Machine Learning Techniques for Advanced Passive Operating System Fingerprinting

Home Policy Brochure Browse Search User Area Contact Help

Schwartzenberg, J. (2010) Using Machine Learning Techniques for Advanced Passive Operating System Fingerprinting. Master's thesis, University of Twente.

Full text available as:

PDF

- Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
1199 Kb

Abstract

TCP/IP fingerprinting is the active or passive collection of information usually extracted from a remote computer’s network stack. The combination of such information can be then used to infer the remote operating system (OS fingerprinting). OS fingerprinting is traditionally based on a database of “signatures”. A signature comprises several features (i.e., pairs attribute/value) extracted from network packets generated by a known operating system. Signatures are manually generated (and updated) by observing several operating systems. There are two types of fingerprinting: active and passive. In this work, we focus on automating the generation and updating of the signatures for passive fingerprinting. By using classification algorithms we deal with fingerprints which do not have an exact match with an already known signature.

Item Type:	Master's Thesis
Research Group:	EWI-DIES: Distributed and Embedded Security
Research Program:	CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
ID Code:	18789
Deposited On:	21 November 2010
More Information:	statistics

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item