Abstract
An Operating System (OS) fingerprint database is used by Nmap to identify OSes performing TCP/IP (Transmission Control Protocol/Internet Protocol) stack identification. Each entry in Nmap OS fingerprint database (nmap-os-db) represents an OS. Using data mining techniques, we propose three new forms of representation of nmap-os-db that can express how operating systems are similar among them according to their TCP/IP stack implementation. This approach can improve the capability of identifying devices running unknown OSes. Other applications are also presented.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Kohonen, T.: Self-organized formation of topologically correct feature maps. Biological Cybernetics 43(1), 59–69 (1982)
Fritzke, B.: A Growing Neural Gas Network Learns Topologies. Advances in Neural Information Processing Systems 7 (1995)
Hartigan, J., Wong, M.: A K-means Clustering Algorithm. JR Stat. Soc. Ser. C-Appl. Stat. 28, 100–108 (1979)
Fyodor: Remote OS Detection via TCP/IP Fingerprinting. Phrack Magazine 8 (1998)
Fyodor: Nmap Network Scanning. Insecure.Com LLC (2008)
Han, J., Kamber, M.: Data mining: concepts and techniques, 2nd edn. Morgan Kaufmann, San Francisco (2006)
Kohonen, T.: Self-Organizing Maps, 3rd edn. Springer, Heidelberg (2001)
Haykin, S.: Neural Networks: A Comprehensive Foundation. Prentice-Hall, Englewood Cliffs (1999)
Apple Developer Connection: Open Source (2009), http://developer.apple.com/opensource/index.html
FreeBSD News: FreeBSD embedded systems (2008), http://www.freebsdnews.net/2008/07/24/freebsd-embedded-systems/
NetBSD Project: Products based on NetBSD (2009), http://www.netbsd.org/gallery/products.html
Martinetz, T., Schulten, K.: A Neural-Gas Network Learns Topologies. Artificial Neural Networks 1, 397–402 (1991)
Medeiros, J.P.S., Cunha, A.C., Brito, A.M., Pires, P.S.M.: Automating Security Tests for Industrial Automation Devices Using Neural Networks. In: Proc. IEEE Conference on Emerging Technologies & Factory Automation, pp. 772–775 (2007)
Medeiros, J.P.S., Cunha, A.C., Brito, A.M., Pires, P.S.M.: Application of Kohonen Maps to Improve Security Tests on Automation Devices. In: Lopez, J., Hämmerli, B.M. (eds.) CRITIS 2007. LNCS, vol. 5141. Springer, Heidelberg (2008)
OpenBSD PF: The OpenBSD Packet Filter – OpenBSD 4.4 (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Medeiros, J.P.S., Brito, A.M., Pires, P.S.M. (2009). A Data Mining Based Analysis of Nmap Operating System Fingerprint Database. In: Herrero, Á., Gastaldo, P., Zunino, R., Corchado, E. (eds) Computational Intelligence in Security for Information Systems. Advances in Intelligent and Soft Computing, vol 63. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04091-7_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-04091-7_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04090-0
Online ISBN: 978-3-642-04091-7
eBook Packages: EngineeringEngineering (R0)