• DocumentCode
    2845442
  • Title

    PTF: Passive Temporal Fingerprinting

  • Author

    François, Jérôme ; Abdelnur, Humberto ; State, Radu ; Festor, Olivier

  • Author_Institution
    Interdiscipl. Center for Security, Reliability & Trust, Univ. of Luxembourg, Luxembourg, Luxembourg
  • fYear
    2011
  • fDate
    23-27 May 2011
  • Firstpage
    289
  • Lastpage
    296
  • Abstract
    We describe in this paper a tool named PTF (Passive and Temporal Fingerprinting) for fingerprinting network devices. The objective of device fingerprinting is to uniquely identify device types by looking at captured traffic from devices implementing that protocol. The main novelty of our approach consists in leveraging both temporal and behavioral features for this purpose. The key contribution is a fingerprinting scheme, where individual fingerprints are represented by tree-based temporal finite state machines. We have developed a fingerprinting scheme that leverages supervised learning approaches based on support vector machines for this purpose.
  • Keywords
    finite state machines; learning (artificial intelligence); protocols; support vector machines; fingerprinting network devices; passive temporal fingerprinting; protocol; supervised learning approach; support vector machines; tree-based temporal finite state machines; Delay; Fingerprint recognition; Software; Training;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Integrated Network Management (IM), 2011 IFIP/IEEE International Symposium on
  • Conference_Location
    Dublin
  • Print_ISBN
    978-1-4244-9219-0
  • Electronic_ISBN
    978-1-4244-9220-6
  • Type

    conf

  • DOI
    10.1109/INM.2011.5990703
  • Filename
    5990703
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2845442