A Data Mining Based Analysis of Nmap Operating System Fingerprint Database

  • João Paulo S. Medeiros
  • Agostinho M. Brito Jr.
  • Paulo S. Motta Pires
Part of the Advances in Intelligent and Soft Computing book series (AINSC, volume 63)

Abstract

Nmap uses an Operating System (OS) fingerprint database to identify OSes by means of TCP/IP (Transmission Control Protocol/Internet Protocol) stack identification. Each entry in the Nmap OS fingerprint database (nmap-os-db) represents an OS. Using data mining techniques, we propose three new forms of representation of nmap-os-db that express how similar operating systems are to one another according to their TCP/IP stack implementations. This approach can improve the capability of identifying devices running unknown OSes. Other applications are also presented.

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • João Paulo S. Medeiros (1)
  • Agostinho M. Brito Jr. (1)
  • Paulo S. Motta Pires (1)
  1. LabSIN - Security Information Laboratory, Department of Computer Engineering and Automation – DCA, Federal University of Rio Grande do Norte – UFRN, Natal, Brazil