Using Answer Set Programming to Enhance Operating System Discovery
Although knowing the operating systems running in a network is becoming more and more important (mainly for security reasons), current operating system discovery tools are not sufficiently accurate to acquire the information in a fully automated way. Many design choices explain this lack of accuracy, but they all come down to a poor knowledge representation scheme. In this paper, we study how answer set programming can be used to guide the design of a knowledge-oriented operating system discovery tool. The result is significantly more accurate than today’s state-of-the-art tools.
Keywords: Passive Module, Passive Tool, Current Knowledge State, Intensional Database, Modeling Complex Communi