{"title":"PTF: Passive Temporal Fingerprinting","authors":"J. François, H. Abdelnur, R. State, O. Festor","doi":"10.1109/INM.2011.5990703","DOIUrl":null,"url":null,"abstract":"We describe in this paper a tool named PTF (Passive and Temporal Fingerprinting) for fingerprinting network devices. The objective of device fingerprinting is to uniquely identify device types by looking at captured traffic from devices implementing that protocol. The main novelty of our approach consists in leveraging both temporal and behavioral features for this purpose. The key contribution is a fingerprinting scheme, where individual fingerprints are represented by tree-based temporal finite state machines. We have developed a fingerprinting scheme that leverages supervised learning approaches based on support vector machines for this purpose.","PeriodicalId":433520,"journal":{"name":"12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"27","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INM.2011.5990703","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 27
Abstract
We describe in this paper a tool named PTF (Passive and Temporal Fingerprinting) for fingerprinting network devices. The objective of device fingerprinting is to uniquely identify device types by looking at captured traffic from devices implementing that protocol. The main novelty of our approach consists in leveraging both temporal and behavioral features for this purpose. The key contribution is a fingerprinting scheme, where individual fingerprints are represented by tree-based temporal finite state machines. We have developed a fingerprinting scheme that leverages supervised learning approaches based on support vector machines for this purpose.
本文描述了一种用于指纹识别网络设备的工具PTF (Passive and Temporal Fingerprinting)。设备指纹识别的目标是通过查看从实现该协议的设备捕获的流量来唯一地标识设备类型。我们的方法的主要新颖之处在于利用时间和行为特征来实现这一目的。关键贡献是指纹方案,其中单个指纹由基于树的时间有限状态机表示。我们开发了一种指纹识别方案,利用基于支持向量机的监督学习方法来实现这一目的。
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
