Using Neural Networks to improve classical Operating System Fingerprinting techniques

We present remote Operating System detection as an inference problem: given a set of observations (the target host responses to a set of tests), we want to infer the OS type which most probably generated these observations. Classical techniques used to perform this analysis present several limitatio...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: Sarraute, Carlos, Burroni, Javier
Formato: Articulo
Lenguaje:Inglés
Publicado: 2008
Materias:
Ciencias Informáticas
Neural networks
OS Fingerprinting
DCE-RPC endpoint mapper
Acceso en línea:http://sedici.unlp.edu.ar/handle/10915/135408
https://publicaciones.sadio.org.ar/index.php/EJS/article/view/98
Aporte de:
SEDICI (UNLP) de Universidad Nacional de La Plata
id I19-R120-10915-135408
record_format dspace
institution Universidad Nacional de La Plata
institution_str I-19
repository_str R-120
collection SEDICI (UNLP)
language Inglés
topic Ciencias Informáticas
Neural networks
OS Fingerprinting
DCE-RPC endpoint mapper
spellingShingle Ciencias Informáticas
Neural networks
OS Fingerprinting
DCE-RPC endpoint mapper
Sarraute, Carlos
Burroni, Javier
Using Neural Networks to improve classical Operating System Fingerprinting techniques
topic_facet Ciencias Informáticas
Neural networks
OS Fingerprinting
DCE-RPC endpoint mapper
description We present remote Operating System detection as an inference problem: given a set of observations (the target host responses to a set of tests), we want to infer the OS type which most probably generated these observations. Classical techniques used to perform this analysis present several limitations. To improve the analysis, we have developed tools using neural networks and Statistics tools. We present two working modules: one which uses DCE-RPC endpoints to distinguish Windows versions, and another which uses Nmap signatures to distinguish different version of Windows, Linux, Solaris, OpenBSD, FreeBSD and NetBSD systems. We explain the details of the topology and inner workings of the neural networks used, and the fine tuning of their parameters. Finally we show positive experimental results.
format Articulo
Articulo
author Sarraute, Carlos
Burroni, Javier
author_facet Sarraute, Carlos
Burroni, Javier
author_sort Sarraute, Carlos
title Using Neural Networks to improve classical Operating System Fingerprinting techniques
title_short Using Neural Networks to improve classical Operating System Fingerprinting techniques
title_full Using Neural Networks to improve classical Operating System Fingerprinting techniques
title_fullStr Using Neural Networks to improve classical Operating System Fingerprinting techniques
title_full_unstemmed Using Neural Networks to improve classical Operating System Fingerprinting techniques
title_sort using neural networks to improve classical operating system fingerprinting techniques
publishDate 2008
url http://sedici.unlp.edu.ar/handle/10915/135408
https://publicaciones.sadio.org.ar/index.php/EJS/article/view/98
work_keys_str_mv AT sarrautecarlos usingneuralnetworkstoimproveclassicaloperatingsystemfingerprintingtechniques
AT burronijavier usingneuralnetworkstoimproveclassicaloperatingsystemfingerprintingtechniques
bdutipo_str Repositorios
_version_ 1764820455338803201

Ejemplares similares