Neural Networks: A Comprehensive Foundation
Neural Networks: A Comprehensive Foundation
Self-Organizing Maps
Security Aspects of SCADA and Corporate Network Interconnection: An Overview
DEPCOS-RELCOMEX '06 Proceedings of the International Conference on Dependability of Computer Systems
Application of kohonen maps to improve security tests on automation devices
CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
CISIS'11 Proceedings of the 4th international conference on Computational intelligence in security for information systems
An effective TCP/IP fingerprinting technique based on strange attractors classification
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
| Hi-index | 0.00 |
TCP/IP fingerprinting is the task of identify a machine operating system according to its TCP/IP protocol stack implementation. It can be used to help automation technology professionals to perform security tests against a device before put it into production. Current tools that perform TCP/IP fingerprinting can damage automation devices operation because of the specially crafted TCP/IP packets that are sent to the probed devices. Instead of these packets, this paper proposes a technique that uses a simple TCP SYN message to collect TCP ISN (Initial Sequence Number) samples. Signal processing tools are used to classify the operating systems based on these samples. We conclude that it is possible to recognize operating systems using only one open TCP port on the target machine without compromise the device operation.