Online Device Fingerprinting

Abstract : Device fingerprinting is powerful for network security assess- ment and intrusion detection because its goal is to get the precise name and version of a remote device. This paper is based on device repre- sentations proposed recently: the syntactic structure of a message and the behavior of a device. A comparison function is associated to both of them in order to be applied with recent classification techniques which leverage supervised learning. The approaches are evaluated with the SIP protocol and the evaluation considers the correctness of the identification and also computational complexity for being applied online. Conclusion exhibits the advantages and drawbacks of each method for choosing the more suitable method according to the network environment.
Type de document :
Communication dans un congrès
3rd International Conference on Computational Intelligence in Security for Information Systems, Nov 2010, Leon, Spain. 2010
Liste complète des métadonnées

https://hal.inria.fr/inria-00547367
Contributeur : Olivier Festor <>
Soumis le : jeudi 16 décembre 2010 - 11:10:56
Dernière modification le : jeudi 11 janvier 2018 - 06:19:50

Identifiants

  • HAL Id : inria-00547367, version 1

Collections

Citation

François Jérôme, State Radu, Olivier Festor, Thomas Engel. Online Device Fingerprinting. 3rd International Conference on Computational Intelligence in Security for Information Systems, Nov 2010, Leon, Spain. 2010. 〈inria-00547367〉

Partager

Métriques

Consultations de la notice

200