2021
DOI: 10.1109/jiot.2020.3024293

A Machine-Learning-Based Tool for Passive OS Fingerprinting With TCP Variant as a Novel Feature

Abstract: With the emergence of Internet of Things (IoT), securing and managing large, complex enterprise network infrastructure requires capturing and analyzing network traffic traces in real-time. An accurate passive Operating System (OS) fingerprinting plays a critical role in effective network management and cybersecurity protection. Passive fingerprinting doesn't send probes that introduce extra load to the network and hence it has a clear advantage over active fingerprinting since it also reduces the risk of trigg…

Cited by 21 publications
(4 citation statements)
References 36 publications
“…The datasets and the research works were published between 2018 and 2020 and should accurately represent current real-world network traffic as the datasets contain network flow capture from large-scale campus network including the OS labels from various OS detection techniques up to the minor OS version detail level. The datasets were recently used by Fan et al [53], Hagos et al [72,73], and Zhang et al [91] from different research groups, which indicates the usability of the dataset. Moreover, the usability of the datasets is supported by more than 500 downloads of the datasets.…”
Section: Datasets and Fingerprinting Features (citation type: mentioning)
confidence: 99%
“…Over the past few years, Denial of Service (DoS), Operating System (OS) fingerprinting, and Domain Name System (DNS) botnet techniques have undergone significant advancements, becoming increasingly complex and challenging to identify [1][2][3][4][5][6][7][8]. While these activities may not always constitute an attack in the traditional sense, they encompass a spectrum of activities, including reconnaissance and denial of services.…”
Section: Introduction (citation type: mentioning)
confidence: 99%
“…In this research, we offer a method for automatically generating the MUD profiles of IoT devices, which can subsequently be used to classify similar devices in the network and detect anomalies in their network traffic, such as those caused by compromised firmware or a hacker. The Software Defined Networking (SDN) architecture then takes this formal behavioural profile and translates it into static and dynamic flow rules that the network can enforce at runtime [5][6][7][8][9]. Traffic that follows these guidelines is permitted through, while all other traffic is screened for threats.…”
Section: Introduction (citation type: mentioning)
confidence: 99%