Title :
PTF: Passive Temporal Fingerprinting
Author :
François, Jérôme ; Abdelnur, Humberto ; State, Radu ; Festor, Olivier
Author_Institution :
Interdiscipl. Center for Security, Reliability & Trust, Univ. of Luxembourg, Luxembourg, Luxembourg
Abstract :
We describe in this paper a tool named PTF (Passive and Temporal Fingerprinting) for fingerprinting network devices. The objective of device fingerprinting is to uniquely identify device types by looking at captured traffic from devices implementing that protocol. The main novelty of our approach consists in leveraging both temporal and behavioral features for this purpose. The key contribution is a fingerprinting scheme, where individual fingerprints are represented by tree-based temporal finite state machines. We have developed a fingerprinting scheme that leverages supervised learning approaches based on support vector machines for this purpose.
Keywords :
finite state machines; learning (artificial intelligence); protocols; support vector machines; fingerprinting network devices; passive temporal fingerprinting; protocol; supervised learning approach; support vector machines; tree-based temporal finite state machines; Delay; Fingerprint recognition; Software; Training;
Conference_Titel :
Integrated Network Management (IM), 2011 IFIP/IEEE International Symposium on
Conference_Location :
Dublin
Print_ISBN :
978-1-4244-9219-0
Electronic_ISBN :
978-1-4244-9220-6
DOI :
10.1109/INM.2011.5990703
