A Data Mining Based Analysis of Nmap Operating System Fingerprint Database
- Cite this paper as:
- Medeiros J.P.S., Brito A.M., Pires P.S.M. (2009) A Data Mining Based Analysis of Nmap Operating System Fingerprint Database. In: Herrero Á., Gastaldo P., Zunino R., Corchado E. (eds) Computational Intelligence in Security for Information Systems. Advances in Intelligent and Soft Computing, vol 63. Springer, Berlin, Heidelberg
An Operating System (OS) fingerprint database is used by Nmap to identify OSes performing TCP/IP (Transmission Control Protocol/Internet Protocol) stack identification. Each entry in Nmap OS fingerprint database (nmap-os-db) represents an OS. Using data mining techniques, we propose three new forms of representation of nmap-os-db that can express how operating systems are similar among them according to their TCP/IP stack implementation. This approach can improve the capability of identifying devices running unknown OSes. Other applications are also presented.
Unable to display preview. Download preview PDF.