Show simple item record

dc.contributor.advisorLoguinov, Dmitri
dc.creatorShamsi, Zain Sarfaraz
dc.date.accessioned2017-08-21T14:35:56Z
dc.date.available2019-05-01T06:09:07Z
dc.date.created2017-05
dc.date.issued2017-04-07
dc.date.submittedMay 2017
dc.identifier.urihttp://hdl.handle.net/1969.1/161371
dc.description.abstractThe Internet has become ubiquitous in our lives today. With its rapid adoption and widespread growth across the planet, it has drawn many research efforts that attempt to understand and characterize this complex system. One such direction tries to discover the types of devices that compose the Internet, which is the topic of this dissertation. To accomplish such a measurement, researchers have turned to a technique called OS fingerprinting, which is a method to determine the operating system (OS) of a remote host. However, because the Internet today has evolved into a massive public network, large-scale OS fingerprinting has become a challenging problem. Due to increasing security concerns, most networks today will block many of the probes used by traditional fingerprinting tools (e.g., Nmap), thus requiring a different approach. Consequently, this has given rise to single-probe techniques which offer low overhead and minimal intrusiveness, but in turn require more sophistication in their algorithms as they are limited in the amount of information that they receive and many parameters can inject noise in the measurement (e.g., network delay, packet loss). This dissertation focuses on understanding the performance of single-probe algorithms. We study existing methods, formalize current problems in the field and devise new algorithms to improve classification accuracy and automate construction of fingerprint databases. We apply our work to multiple Internet-wide scans and discover that besides general purpose machines, the Internet today has grown to include large numbers of publicly accessible peripheral devices (e.g., routers, printers, cameras) and cyber-physical systems (e.g., lighting controllers, medical sensors). We go on to recover empirical distributions of network delays and loss, as well as likelihoods of users re-configuring their devices. With our developed techniques and results, we show that single-probe algorithms are an effective approach for accomplishing wide-scale network measurements.en
dc.format.mimetypeapplication/pdf
dc.language.isoen
dc.subjectOS fingerprintingen
dc.subjectInternet measurementen
dc.subjectnetwork securityen
dc.subjectclassificationen
dc.titleScalable OS Fingerprinting: Classification Problems and Applicationsen
dc.typeThesisen
thesis.degree.departmentComputer Science and Engineeringen
thesis.degree.disciplineComputer Scienceen
thesis.degree.grantorTexas A & M Universityen
thesis.degree.nameDoctor of Philosophyen
thesis.degree.levelDoctoralen
dc.contributor.committeeMemberBettati, Riccardo
dc.contributor.committeeMemberReddy, Narasimha
dc.contributor.committeeMemberStoleru, Radu
dc.type.materialtexten
dc.date.updated2017-08-21T14:35:56Z
local.embargo.terms2019-05-01
local.etdauthor.orcid0000-0001-8100-289X


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record