Identifying Operating System Using Flow-based Traffic Fingerprinting
| Authors | |
|---|---|
| Year of publication | 2014 |
| Type | Article in Proceedings |
| Conference | Advances in Communication Networking, Lecture Notes in Computer Science, Vol. 8846 |
| MU Faculty or unit | |
| Citation | |
| Web | http://dx.doi.org/10.1007/978-3-319-13488-8_7 |
| Doi | http://dx.doi.org/10.1007/978-3-319-13488-8_7 |
| Field | Informatics |
| Keywords | OS fingerprinting; passive; high-throughput; p0f; flow |
| Attached files | |
| Description | Many vulnerabilities are operating system specific. Information about the OS of all hosts in a network represents a valuable asset for network administrators. While OS detection in small networks is an easy task, expanding the same process on a large scale becomes a challenge. The weak performance, high speed traffic and large amount of hosts for OS detection are issues to overcome. In this paper we propose a flow based framework for large scale OS detection. Furthermore, we describe the framework implementation into a flow probe, provide performance comparison and share remarks on deployment in a real world network. |
| Related projects: |