Name
Abstract | ||
|---|---|---|
Traditional TCP/IP fingerprinting tools (e.g., nmap) are poorly suited for Internet-wide use due to the large amount of traffic and intrusive nature of the probes. This can be overcome by approaches that rely on a single SYN packet to elicit a vector of features from the remote server; however, these methods face difficult classification problems due to the high volatility of the features and severely limited amounts of information contained therein. Since these techniques have not been studied before, we first pioneer stochastic theory of single-packet OS fingerprinting, build a database of 116 OSes, design a classifier based on our models, evaluate its accuracy in simulations, and then perform OS classification of 37.8M hosts from an Internet-wide scan. |
Year | DOI | Venue |
|---|---|---|
2014 | 10.1109/TNET.2015.2447492 | IEEE/ACM Trans. Netw. |
Keywords | Field | DocType |
Internet,Jitter,Servers,Loss measurement,IP networks,Probes,Ports (Computers) | Data mining,Computer science,Stochastic theory,Network packet,Internet measurement,Transmission Control Protocol,Classifier (linguistics),Volatility (finance) | Conference |
Volume | Issue | ISSN |
24 | 4 | 1063-6692 |
Citations | PageRank | References |
7 | 0.49 | 29 |
Authors | ||
4 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Zain Shamsi | 1 | 11 | 1.61 |
| Ankur Nandwani | 2 | 7 | 0.49 |
| Derek Leonard | 3 | 299 | 15.85 |
| Dmitri Loguinov | 4 | 1298 | 91.08 |