Publication details

Identifying Operating System Using Flow-based Traffic Fingerprinting

Authors

JIRSÍK Tomáš ČELEDA Pavel

Year of publication 2014
Type Article in Proceedings
Conference Advances in Communication Networking, Lecture Notes in Computer Science, Vol. 8846
MU Faculty or unit

Institute of Computer Science

Citation
web http://dx.doi.org/10.1007/978-3-319-13488-8_7
Doi http://dx.doi.org/10.1007/978-3-319-13488-8_7
Field Informatics
Keywords OS fingerprinting; passive; high-throughput; p0f; flow
Attached files
Description Many vulnerabilities are operating system specific. Information about the OS of all hosts in a network represents a valuable asset for network administrators. While OS detection in small networks is an easy task, expanding the same process on a large scale becomes a challenge. The weak performance, high speed traffic and large amount of hosts for OS detection are issues to overcome. In this paper we propose a flow based framework for large scale OS detection. Furthermore, we describe the framework implementation into a flow probe, provide performance comparison and share remarks on deployment in a real world network.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info