Identifying Operating System Using Flow-based Traffic Fingerprinting
| Autoři | |
|---|---|
| Rok publikování | 2014 |
| Druh | Článek ve sborníku |
| Konference | Advances in Communication Networking, Lecture Notes in Computer Science, Vol. 8846 |
| Fakulta / Pracoviště MU | |
| Citace | |
| www | http://dx.doi.org/10.1007/978-3-319-13488-8_7 |
| Doi | http://dx.doi.org/10.1007/978-3-319-13488-8_7 |
| Obor | Informatika |
| Klíčová slova | OS fingerprinting; passive; high-throughput; p0f; flow |
| Přiložené soubory | |
| Popis | Many vulnerabilities are operating system specific. Information about the OS of all hosts in a network represents a valuable asset for network administrators. While OS detection in small networks is an easy task, expanding the same process on a large scale becomes a challenge. The weak performance, high speed traffic and large amount of hosts for OS detection are issues to overcome. In this paper we propose a flow based framework for large scale OS detection. Furthermore, we describe the framework implementation into a flow probe, provide performance comparison and share remarks on deployment in a real world network. |
| Související projekty: |