Advanced Fingerprinting For Inventory Management
Résumé
Identifying the protocol stack or the device version of remote equipment is a powerful tool for security assessment and network management. This paper proposes two novel fingerprinting techniques based on the syntactic tree representation of messages. The first leverages the support vector machines paradigm and needs a learning stage while the second one executed in an unsupervised manner thanks to a new classification algorithm. The approaches are validated through extensive experimentations and show very good behaviors.
Origine : Fichiers produits par l'(les) auteur(s)