Self-Organizing Maps
Virtual honeypots: from botnet tracking to intrusion detection
Virtual honeypots: from botnet tracking to intrusion detection
A new method for recognizing operating systems of automation devices
ETFA'09 Proceedings of the 14th IEEE international conference on Emerging technologies & factory automation
Application of kohonen maps to improve security tests on automation devices
CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
CISIS'11 Proceedings of the 4th international conference on Computational intelligence in security for information systems
Hi-index | 0.00 |
We propose a new technique to perform TCP/IP (Transmission Control Protocol/Internet Protocol) stack fingerprinting. Our technique relies on chaotic dynamics theory and artificial neural networks applied to TCP ISN (Initial Sequence Number) samples making possible to associate strange attractors to operating systems. We show that it is possible to recognize operating systems using only an open TCP port on the target machine. Also, we present results which shows that our technique cannot be fooled by Honeyd or affected by PAT (Port Address Translation) environments.