Analysis of operating system identification via fingerprinting and machine learning

Cited by: 11
Authors
Song, Jinho [1]
Cho, ChaeHo [1]
Won, Yoojae [1]
Affiliations
[1] Chungnam Natl Univ, Dept Comp Sci Engn, Daejeon, South Korea
Keywords
Operating system fingerprinting; Machine learning; Artificial Neural Network; NetworkMiner; K-nearest Neighbors; Decision Tree;
DOI
10.1016/j.compeleceng.2019.06.012
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
In operating system (OS) fingerprinting, the OS is identified using network packets and a rule-based matching method. However, this matching method has problems when the network packet information is insufficient or the OS is relatively new. This study compares the OS identification capabilities of several machine learning methods, specifically, K-nearest neighbors (K-NN), Decision Tree, and Artificial Neural Network (ANN), to that of a conventional commercial rule-based method. It is shown that the ANN correctly identifies operating systems with 94% probability, which is higher than the accuracy of the conventional rule-based method. (C) 2019 Published by Elsevier Ltd.
Pages: 1 / 10
Number of pages: 10