Book chapter; National production

A Data Mining Based Analysis of Nmap Operating System Fingerprint Database

2009; Springer Science+Business Media; Language: English

10.1007/978-3-642-04091-7_1

ISSN

1867-5670

Authors

João Paulo S. Medeiros, Agostinho M. Brito, Paulo S. Motta Pires

Topic(s)

Advanced Malware Detection Techniques

Abstract

An Operating System (OS) fingerprint database is used by Nmap to identify OSes performing TCP/IP (Transmission Control Protocol/Internet Protocol) stack identification. Each entry in the Nmap OS fingerprint database (nmap-os-db) represents an OS. Using data mining techniques, we propose three new forms of representation of nmap-os-db that can express how operating systems are similar to one another according to their TCP/IP stack implementation. This approach can improve the capability of identifying devices running unknown OSes. Other applications are also presented.
