Abstract | ||
---|---|---|
Security assessment tasks and intrusion detection systems rely on automated fingerprinting of devices and services. Most current fingerprinting approaches use a signature matching scheme, where a set of signatures is compared with traffic issued by an unknown entity. The entity is identified by finding the closest match with the stored signatures. These fingerprinting signatures are found mostly manually, requiring a laborious activity and needing advanced domain-specific expertise. In this paper we describe a novel approach to automate this process and build flexible and efficient fingerprinting systems able to identify the source entity of messages in the network. We follow a passive approach without need to interact with the tested device. Application-level traffic is captured passively and inherent structural features are used for the classification process. We describe and assess a new technique for the automated extraction of protocol fingerprints based on arborescent features extracted from the underlying grammar. We have successfully applied our technique to the Session Initiation Protocol (SIP) used in Voice over IP signalling. |
Year | DOI | Venue |
---|---|---|
2008 | 10.1007/978-3-540-87403-4_20 | Recent Advances in Intrusion Detection |
Keywords | Field | DocType |
passive fingerprinting, advanced network fingerprinting, application level traffic, source entity, feature extraction, unknown entity, fingerprinting signature, current fingerprinting approach, efficient fingerprinting system, structural syntax inference, classification process, automated extraction, automated fingerprinting, new technique, intrusion detection system, voice over ip, session initiation protocol | Data mining, Computer science, Computer security, Feature extraction, Session Initiation Protocol, Intrusion detection system, Security assessment, Voice over IP | Conference |
Volume | ISSN | Citations |
5230 | 0302-9743 | 7 |
PageRank | References | Authors |
0.53 | 17 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Humberto J. Abdelnur | 1 | 60 | 4.27 |
Radu State | 2 | 623 | 86.87 |
Olivier Festor | 3 | 665 | 85.40 |