Title :
Packet Inspection for Unauthorized OS Detection in Enterprises
Author :
Tyagi, Rohit ; Paul, Tuhin ; Manoj, B.S. ; Thanudas, B.
Abstract :
Many recent malware implementations employ virtual machines to carry out their malicious activities. These are hard to detect because their states can't be accessed by antivirus software running in the native OS. An approach for OS fingerprinting using TCP SYN packets in an enterprise environment can detect the presence of unauthorized OSs.
Keywords :
computer network security; invasive software; operating systems (computers); transport protocols; virtual machines; OS fingerprinting; TCP SYN packet inspection; antivirus software; enterprises; malicious activity; malware; unauthorized OS detection; virtual machine; Databases; Fingerprint recognition; IP networks; Linux; Malware; Virtual machining; OS; enterprise; fingerprinting; header; network; security; traffic packet;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2015.86