Machine Learning Fingerprinting Methods in Cyber Security Domain: Which one to Use?

• Authors: LAŠTOVIČKA Martin; DUFKA Antonín; KOMÁRKOVÁ Jana
• Year of publication: 2018
• Type: Article in Proceedings
• Conference: Proceedings of the 14th International Wireless Communications and Mobile Computing Conference
• MU Faculty or unit: Institute of Computer Science
• Web: https://ieeexplore.ieee.org/abstract/document/8450406
• Doi: http://dx.doi.org/10.1109/IWCMC.2018.8450406
• Keywords: Machine Learning; OS Fingerprinting; IPFIX; Cybersecurity

Attached files

• 2018-DACS-machine-learning-fingerprinting-methods-in-cyber-security-domain-which-one-to-use-paper.pdf
• 2018-DACS-machine-learning-fingerprinting-methods-in-cyber-security-domain-which-one-to-use-presentation.pdf

• Description: Identification of a communicating device operating system is a fundamental part of network situational awareness. However, current networks are large and change often which implies the need for a system that will be able to continuously monitor the network and handle changes in identified operating systems. The aim of this paper is to compare machine learning methods performance for OS fingerprinting on real-world data in the terms of processing time, memory requirements, and performance measures of accuracy, precision, and recall.

Related projects

• Research of Tools for Cyber Situational Awareness and Decision Support of CSIRT Teams in Protection of Critical Infrastructure