Abstract | ||
---|---|---|
This paper addresses the fingerprinting of network devices using semi-supervised clustering. Semi-supervised clustering is a new technique that uses known and labeled data in order to assist a clustering process. We propose two different fingerprinting approaches. The first one is using behavioral features that are induced from a protocol state machine. The second one is relying on the underlying parse trees of messages. Both approaches are passive. We provide a performance analysis on the SIP protocol. Important application domains of our work consist in network intrusion detection and security assessment. |
Year | DOI | Venue |
---|---|---|
2010 | 10.1007/978-3-642-16626-6_12 | COMPUTATIONAL INTELLIGENCE IN SECURITY FOR INFORMATION SYSTEMS 2010 |
Field | DocType | Volume |
Data mining,Network intrusion detection,Computer science,Networking hardware,Session Initiation Protocol,Finite-state machine,Artificial intelligence,Labeled data,Parsing,Cluster analysis,Security assessment,Machine learning | Conference | 85 |
ISSN | Citations | PageRank |
1867-5662 | 1 | 0.37 |
References | Authors | |
10 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Jérôme François | 1 | 170 | 21.81 |
Humberto J. Abdelnur | 2 | 60 | 4.27 |
Radu State | 3 | 623 | 86.87 |
Olivier Festor | 4 | 665 | 85.40 |