| Revue: | Computación y sistemas |
| Base de datos: | |
| Número de sistema: | 000560796 |
| ISSN: | 1405-5546 |
| Autores: | González, Florencio J.1 Aguirre Anaya, Eleazar1 Salinas Rosales, Moisés1 Miyaji, Atsuko2 |
| Instituciones: | 1Instituto Politécnico Nacional, Computing Research Center, México 2Osaka University Department of Information and Communications Technology, Japón |
| Año: | 2023 |
| Periodo: | Abr-Jun |
| Volumen: | 27 |
| Número: | 2 |
| Paginación: | 581-592 |
| País: | México |
| Idioma: | Inglés |
| Resumen en inglés | During a network scanning, identifying the operating system (OS) running on each network attached host has been a research topic for a long time. Researchers have developed different approaches through network analysis using either passive or active techniques, such techniques are commonly called “OS fingerprinting”. According to best security practices, a set of security mechanisms should be applied to prevent OS fingerprinting by penetration testers. This article presents an experimental study to identify the parameters used by security controls to obfuscate their behavior on the network. A novel strategy is proposed to identify network devices despite static and dynamic obfuscation caused by security controls such as NAT, protocol scrubbers, or hardened systems. Targets were identified in virtual and native environments with a high degree of precisión, by means of a layered classification model integrated by K-means, KNN, Naive Bayes, SVM and ADA Boost classifiers. |
| Keyword: | OS obfuscation, OS fingerprinting, Moving target defense identification, Security architecture, Machine learning |
| Texte intégral: | Texto completo (Ver HTML) Texto completo (Ver PDF) |
