• DocumentCode
    33417
  • Title

    Packet Inspection for Unauthorized OS Detection in Enterprises

  • Author

    Tyagi, Rohit ; Paul, Tuhin ; Manoj, B.S. ; Thanudas, B.

  • Volume
    13
  • Issue
    4
  • fYear
    2015
  • fDate
    July-Aug. 2015
  • Firstpage
    60
  • Lastpage
    65
  • Abstract
    Many recent malware implementations employ virtual machines to carry out their malicious activities. These are hard to detect because their states can't be accessed by antivirus software running in the native OS. An approach for OS fingerprinting using TCP SYN packets in an enterprise environment can detect the presence of unauthorized OSs.
  • Keywords
    computer network security; invasive software; operating systems (computers); transport protocols; virtual machines; OS fingerprinting; TCP SYN packet inspection; antivirus software; enterprises; malicious activity; malware; unauthorized OS detection; virtual machine; Databases; Fingerprint recognition; IP networks; Linux; Malware; Virtual machining; OS; enterprise; fingerprinting; header; network; security; traffic packet;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2015.86
  • Filename
    7180275