Remote OS Fingerprinting Using BP Neural Network

Li, Wenwei; Zhang, Dafang; Yang, Jinmin

doi:10.1007/11427469_59

Wenwei Li¹⁹,
Dafang Zhang¹⁹ &
Jinmin Yang²⁰

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3498))

Included in the following conference series:

International Symposium on Neural Networks

1199 Accesses
2 Citations

Abstract

Remote OS fingerprinting is valuable in areas such as network security, Internet modeling, and end-to-end application design, etc. While current rule-based tools fail to detect the OS of remote host with high accuracy, for users may modify their TCP/IP parameters or employ stack “scrubbers”. In this paper, a BP neural network based classifier is proposed for accurately fingerprinting the OS of remote host. To avoid the shortages of traditional BP algorithm, the classifier is also enforced with Levenberg-Marquardt algorithm. Experimental results on packet traces collected at an access link of a website show that, rule-based tools can’t identify as many as 10.6% of the hosts. While the BP neural network based classifier is far more accurate, it can successfully identify about 97.8% hosts in the experiment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Cao, Y., Liao, X., Li, Y.: An E-mail Filtering Approach Using Neural Network. In: Yin, F.-L., Wang, J., Guo, C. (eds.) ISNN 2004. LNCS, vol. 3174, pp. 688–694. Springer, Heidelberg (2004)
Chapter Google Scholar
Zalewski, M.: Passive OS Fingerprinting Tool (2003), http://lcamtuf.coredump.cx/p0f.shtml
Smart, M., Malan, G.R., Jahanian, F.: Defeating TCP/IP Stack Fingerprinting. In: Proc. of the 9th USENIX Security Symposium (2000)
Google Scholar
Yang, S., Yi, Z.: Self-Organizing Feature Map Based Data Mining. In: LNCS, vol. 3174, pp. 193–198. Springer, Heidelberg (2004)
Google Scholar
Yang, Y., Cao, J., Zhu, D.: A Study of Portfolio Investment Decision Method Based on Neural Network. In: Yin, F.-L., Wang, J., Guo, C. (eds.) ISNN 2004. LNCS, vol. 3174, pp. 976–981. Springer, Heidelberg (2004)
Chapter Google Scholar
Taleck, G.: Ambiguity Resolution via Passive OS Fingerprinting. In: Proc. 6th International Symposium on Recent Advances in Intrusion Detection (2003)
Google Scholar
Guo, G., Kuh, A.: An Optimal Neural-Network Model for Learning Posterior Probability Functions from Observations. In: Yin, F.-L., Wang, J., Guo, C. (eds.) ISNN 2004. LNCS, vol. 3173, pp. 370–376. Springer, Heidelberg (2004)
Chapter Google Scholar
Zeng, Z., Huang, D., Wang, Z.: Stability Analysis of Discrete-Time Cellular Neural Networks. In: Yin, F.-L., Wang, J., Guo, C. (eds.) ISNN 2004. LNCS, vol. 3173, pp. 114–119. Springer, Heidelberg (2004)
Chapter Google Scholar
Senie, D.: Network Address Translator (NAT)-friendly Application Design Guidelines. RFC 3235, Internet Engineering Task Force (2002)
Google Scholar
Fyodor: Active remote OS fingerprinting (1998), http://www.insecure.org/nmap
Ye, M., Yi, Z.: On the Discrete Time Dynamics of the MCA Neural Networks. In: Yin, F.-L., Wang, J., Guo, C. (eds.) ISNN 2004. LNCS, vol. 3173, pp. 815–821. Springer, Heidelberg (2004)
Chapter Google Scholar
Sun, F., Zhang, H., Wu, H.: Neuro-Fuzzy Hybrid Position/Force Control for a Space Robot with Flexible Dual-Arms. In: Yin, F.-L., Wang, J., Guo, C. (eds.) ISNN 2004. LNCS, vol. 3174, pp. 13–18. Springer, Heidelberg (2004)
Chapter Google Scholar
Paxson, V.: Automated packet trace analysis of TCP implementations. In: SIGCOMM, pp. 167–179 (1997)
Google Scholar
Sun, C., Li, X., Feng, C.B.: On Robust Periodicity of Delayed Dynamical Systems with Time-varying Parameters. In: Yin, F.-L., Wang, J., Guo, C. (eds.) ISNN 2004. LNCS, vol. 3173, pp. 32–37. Springer, Heidelberg (2004)
Chapter Google Scholar
Lu, W., Lu, H., Shen, R.: Color Image Watermarking Based on Neural Networks. In: Yin, F.-L., Wang, J., Guo, C. (eds.) ISNN 2004. LNCS, vol. 3174, pp. 651–656. Springer, Heidelberg (2004)
Chapter Google Scholar

Download references

Author information

Authors and Affiliations

College of Computer and Communication, Hunan University, Changsha, 410082, China
Wenwei Li & Dafang Zhang
School of Software, Hunan University, Changsha, 410082, China
Jinmin Yang

Authors

Wenwei Li
View author publications
You can also search for this author in PubMed Google Scholar
Dafang Zhang
View author publications
You can also search for this author in PubMed Google Scholar
Jinmin Yang
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Mechanical and Automation Engineering, The Chinese University of Hong Kong, Shatin, New Territories, Hong Kong, China
Jun Wang
The Key Laboratory of Optoelectric Technology & Systems, Ministry of Education, China
Xiao-Feng Liao
Computational Intelligence Laboratory, School of Computer Science and Engineering, University of Electronic Science and Technology of China, 610054, Chengdu, P.R. China
Zhang Yi

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Li, W., Zhang, D., Yang, J. (2005). Remote OS Fingerprinting Using BP Neural Network. In: Wang, J., Liao, XF., Yi, Z. (eds) Advances in Neural Networks – ISNN 2005. ISNN 2005. Lecture Notes in Computer Science, vol 3498. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11427469_59

Download citation

DOI: https://doi.org/10.1007/11427469_59
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25914-5
Online ISBN: 978-3-540-32069-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics