PTF: Passive Temporal Fingerprinting

Abstract : We describe in this paper a tool named PTF (Passive and Temporal Fingerprinting) for fingerprinting network devices. The objective of device fingerprinting is to uniquely identify device types by looking at captured traffic from devices imple- menting that protocol. The main novelty of our approach consists in leveraging both temporal and behavioral features for this purpose. The key contribution is a fingerprinting scheme, where individual fingerprints are represented by tree-based temporal finite state machines. We have developed a fingerprinting scheme that leverages supervised learning approaches based on support vector machines for this purpose.
Type de document :
Communication dans un congrès
IEEE. 12th IFIP/IEEE International Symposium on Integrated Network Management - IM'2011, May 2011, Dublin, Ireland. IEEE, 8 p., 2011
Liste complète des métadonnées

https://hal.inria.fr/hal-00645299
Contributeur : Olivier Festor <>
Soumis le : dimanche 27 novembre 2011 - 20:22:35
Dernière modification le : jeudi 11 janvier 2018 - 06:19:49
Document(s) archivé(s) le : vendredi 16 novembre 2012 - 12:12:09

Fichier

77728_1.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-00645299, version 1

Collections

Citation

Jérôme François, Humberto Abdelnur, Radu State, Olivier Festor. PTF: Passive Temporal Fingerprinting. IEEE. 12th IFIP/IEEE International Symposium on Integrated Network Management - IM'2011, May 2011, Dublin, Ireland. IEEE, 8 p., 2011. 〈hal-00645299〉

Partager

Métriques

Consultations de la notice

324

Téléchargements de fichiers

286