Identifying Operating System Using Flow-based Traffic
Fingerprinting

D 2014

Identifying Operating System Using Flow-based Traffic Fingerprinting

JIRSÍK, Tomáš a Pavel ČELEDA

Základní údaje

Originální název

Identifying Operating System Using Flow-based Traffic Fingerprinting

Autoři

JIRSÍK, Tomáš a Pavel ČELEDA

Vydání

Heidelberg, Advances in Communication Networking, Lecture Notes in Computer Science, Vol. 8846, od s. 70-73, 4 s. 2014

Nakladatel

Springer International Publishing

Další údaje

Jazyk

angličtina

Typ výsledku

Stať ve sborníku

Obor

10201 Computer sciences, information science, bioinformatics

Stát vydavatele

Německo

Utajení

není předmětem státního či obchodního tajemství

Forma vydání

tištěná verze "print"

Odkazy

URL

Impakt faktor

Impact factor: 0.402 v roce 2005

Označené pro přenos do RIV

Ano

Kód RIV

RIV/00216224:14610/14:00073235

Organizační jednotka

Ústav výpočetní techniky

ISBN

978-3-319-13487-1

ISSN

Klíčová slova anglicky

OS fingerprinting; passive; high-throughput; p0f; flow

Štítky

rivok

Příznaky

Mezinárodní význam, Recenzováno

Změněno: 16. 3. 2016 11:30, Mgr. Marta Novotná Buršíková

Anotace

V originále

Many vulnerabilities are operating system specific. Information about the OS of all hosts in a network represents a valuable asset for network administrators. While OS detection in small networks is an easy task, expanding the same process on a large scale becomes a challenge. The weak performance, high speed traffic and large amount of hosts for OS detection are issues to overcome. In this paper we propose a flow based framework for large scale OS detection. Furthermore, we describe the framework implementation into a flow probe, provide performance comparison and share remarks on deployment in a real world network.

Návaznosti

VG20132015103, projekt VaV

Název: Kybernetický polygon (Akronym: KYPO)

Investor: Ministerstvo vnitra ČR, Kybernetický polygon

Přiložené soubory

os-detection-paper-eunice2014.pdf

os-detection-presentation-eunice2014.pdf

Citovat

JIRSÍK, Tomáš a Pavel ČELEDA. Identifying Operating System Using Flow-based Traffic Fingerprinting. In Yvon Kermarrec. Advances in Communication Networking, Lecture Notes in Computer Science, Vol. 8846. Heidelberg: Springer International Publishing, 2014, s. 70-73. ISBN 978-3-319-13487-1. Dostupné z: https://doi.org/10.1007/978-3-319-13488-8_7.

@inproceedings{1196642,
   author = {Jirsík, Tomáš and Čeleda, Pavel},
   address = {Heidelberg},
   booktitle = {Advances in Communication Networking, Lecture Notes in Computer Science, Vol. 8846},
   doi = {https://doi.org/10.1007/978-3-319-13488-8_7},
   editor = {Yvon Kermarrec},
   keywords = {OS fingerprinting; passive; high-throughput; p0f; flow},
   howpublished = {tištěná verze "print"},
   language = {eng},
   location = {Heidelberg},
   isbn = {978-3-319-13487-1},
   pages = {70-73},
   publisher = {Springer International Publishing},
   title = {Identifying Operating System Using Flow-based Traffic Fingerprinting},
   url = {http://dx.doi.org/10.1007/978-3-319-13488-8_7},
   year = {2014}
}

TY  - CONF
ID  - 1196642
AU  - Jirsík, Tomáš - Čeleda, Pavel
PY  - 2014
TI  - Identifying Operating System Using Flow-based Traffic Fingerprinting
PB  - Springer International Publishing
CY  - Heidelberg
SN  - 9783319134871
KW  - OS fingerprinting
KW  - passive
KW  - high-throughput
KW  - p0f
KW  - flow
UR  - http://dx.doi.org/10.1007/978-3-319-13488-8_7
N2  - Many vulnerabilities are operating system specific. Information about the OS of all hosts in a network represents a valuable asset for network administrators. While OS detection in small networks is an easy task, expanding the same process on a large scale becomes a challenge. The weak performance, high speed traffic and large amount of hosts for OS detection are issues to overcome. In this paper we propose a flow based framework for large scale OS detection. Furthermore, we describe the framework implementation into a flow probe, provide performance comparison and share remarks on deployment in a real world network.
ER  -

JIRSÍK, Tomáš a Pavel ČELEDA. Identifying Operating System Using Flow-based Traffic Fingerprinting. In Yvon Kermarrec. \textit{Advances in Communication Networking, Lecture Notes in Computer Science, Vol. 8846}. Heidelberg: Springer International Publishing, 2014, s.~70-73. ISBN~978-3-319-13487-1. Dostupné z: https://doi.org/10.1007/978-3-319-13488-8\_{}7.

Přehled o publikaci