Sciweavers

CCS
2010
ACM

The limits of automatic OS fingerprint generation

13 years 10 months ago
The limits of automatic OS fingerprint generation
Remote operating system fingerprinting relies on implementation differences between OSs to identify the specific variant executing on a remote host. Because these differences can be subtle and difficult to find, most fingerprinting tools require expert manual effort to construct discriminative fingerprints and classification models. In prior work, Caballero et al. proposed a promising technique to eliminate manual intervention: the automatic generation of fingerprints using an approach similar to fuzz testing [6]. Their work evaluated the technique in a small-scale, carefully controlled test environment. In this paper, we re-examine automatic OS fingerprinting in a more challenging large-scale scenario to better understand the viability of the technique. In contrast to the prior work, we find that automatic fingerprint generation suffers from several limitations and technical hurdles that can limit its effectiveness, particularly in more demanding, realistic environments. We use machi...
David W. Richardson, Steven D. Gribble, Tadayoshi
Added 10 Feb 2011
Updated 10 Feb 2011
Type Journal
Year 2010
Where CCS
Authors David W. Richardson, Steven D. Gribble, Tadayoshi Kohno
Comments (0)