Skip to main content
SpringerLink
Log in
SpringerLink
Log in

A Data Mining Based Analysis of Nmap Operating System Fingerprint Database

  • Conference paper
Computational Intelligence in Security for Information Systems

Part of the book series: Advances in Intelligent and Soft Computing ((AINSC,volume 63))

Abstract

An Operating System (OS) fingerprint database is used by Nmap to identify OSes performing TCP/IP (Transmission Control Protocol/Internet Protocol) stack identification. Each entry in Nmap OS fingerprint database (nmap-os-db) represents an OS. Using data mining techniques, we propose three new forms of representation of nmap-os-db that can express how operating systems are similar among them according to their TCP/IP stack implementation. This approach can improve the capability of identifying devices running unknown OSes. Other applications are also presented.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Kohonen, T.: Self-organized formation of topologically correct feature maps. Biological Cybernetics 43(1), 59–69 (1982)

    Article  MATH  MathSciNet  Google Scholar 

  2. Fritzke, B.: A Growing Neural Gas Network Learns Topologies. Advances in Neural Information Processing Systems 7 (1995)

    Google Scholar 

  3. Hartigan, J., Wong, M.: A K-means Clustering Algorithm. JR Stat. Soc. Ser. C-Appl. Stat. 28, 100–108 (1979)

    MATH  Google Scholar 

  4. Fyodor: Remote OS Detection via TCP/IP Fingerprinting. Phrack Magazine 8 (1998)

    Google Scholar 

  5. Fyodor: Nmap Network Scanning. Insecure.Com LLC (2008)

    Google Scholar 

  6. Han, J., Kamber, M.: Data mining: concepts and techniques, 2nd edn. Morgan Kaufmann, San Francisco (2006)

    Google Scholar 

  7. Kohonen, T.: Self-Organizing Maps, 3rd edn. Springer, Heidelberg (2001)

    MATH  Google Scholar 

  8. Haykin, S.: Neural Networks: A Comprehensive Foundation. Prentice-Hall, Englewood Cliffs (1999)

    MATH  Google Scholar 

  9. Apple Developer Connection: Open Source (2009), http://developer.apple.com/opensource/index.html

  10. FreeBSD News: FreeBSD embedded systems (2008), http://www.freebsdnews.net/2008/07/24/freebsd-embedded-systems/

  11. NetBSD Project: Products based on NetBSD (2009), http://www.netbsd.org/gallery/products.html

  12. Martinetz, T., Schulten, K.: A Neural-Gas Network Learns Topologies. Artificial Neural Networks 1, 397–402 (1991)

    Google Scholar 

  13. Medeiros, J.P.S., Cunha, A.C., Brito, A.M., Pires, P.S.M.: Automating Security Tests for Industrial Automation Devices Using Neural Networks. In: Proc. IEEE Conference on Emerging Technologies & Factory Automation, pp. 772–775 (2007)

    Google Scholar 

  14. Medeiros, J.P.S., Cunha, A.C., Brito, A.M., Pires, P.S.M.: Application of Kohonen Maps to Improve Security Tests on Automation Devices. In: Lopez, J., Hämmerli, B.M. (eds.) CRITIS 2007. LNCS, vol. 5141. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  15. OpenBSD PF: The OpenBSD Packet Filter – OpenBSD 4.4 (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LabSIN - Security Information Laboratory, Department of Computer Engineering and Automation – DCA, Federal University of Rio Grande do Norte – UFRN, Natal, 59.078-970, RN, Brazil

    João Paulo S. Medeiros, Agostinho M. Brito Jr. & Paulo S. Motta Pires

Authors
  1. João Paulo S. Medeiros
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Agostinho M. Brito Jr.
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Paulo S. Motta Pires
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Grupo de Inteligencia, Computacional Aplicada, Área de Lenguajes y, Sistemas Informáticos, Escuela Politécnica Superior, Universidad de Burgos , Calle Francisco de Vitoria S/N, Edifico C, 09006, Burgos, Spain

    Álvaro Herrero

  2. Dept. of Biophysical and Electronic Engineering, Genova University , Via Opera Pia 11a, 16145, Genova, Italy

    Paolo Gastaldo

  3. Dept. of Biophysical and Electronic Engineering, Genova University , Via Opera Pia 11a, 16145, Genova, Italy

    Rodolfo Zunino

  4. Grupo de Inteligencia, Computacional Aplicada, Área de Lenguajes y Sistemas Informáticos, Escuela Politénica Superior, Universidad de Burgos , Calle Francisco de Vitoria S/N, Edifico C, 09006, Burgos, Spain

    Emilio Corchado

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Medeiros, J.P.S., Brito, A.M., Pires, P.S.M. (2009). A Data Mining Based Analysis of Nmap Operating System Fingerprint Database. In: Herrero, Á., Gastaldo, P., Zunino, R., Corchado, E. (eds) Computational Intelligence in Security for Information Systems. Advances in Intelligent and Soft Computing, vol 63. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04091-7_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-04091-7_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-04090-0

  • Online ISBN: 978-3-642-04091-7

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation