University of Twente Student Theses
Using machine learning techniques for advanced passive operating system fingerprinting
Schwartzenberg, J. (2010) Using machine learning techniques for advanced passive operating system fingerprinting.
![[img]](http://essay.utwente.nl/style/images/fileicons/application_pdf.png) |
PDF
1MB |
| Abstract: | TCP/IP fingerprinting is the active or passive collection of information usually extracted from a remote computer’s network stack. The combination of such information can be then used to infer the remote operating system (OS fingerprinting). OS fingerprinting is traditionally based on a database of “signatures”. A signature comprises several features (i.e., pairs attribute/value) extracted from network packets generated by a known operating system. Signatures are manually generated (and updated) by ob- serving several operating systems. There are two types of fingerprinting: active and passive. In this work, we focus on automating the generation and updating of the signatures for passive fingerprinting. By using classification algorithms we deal with fingerprints which do not have an exact match with an already known signature. |
| Item Type: | Essay (Master) |
| Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
| Subject: | 54 computer science |
| Programme: | Computer Science MSc (60300) |
| Link to this item: | https://purl.utwente.nl/essays/59680 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page