Title:
A framework for system fingerprinting
A framework for system fingerprinting
| dc.contributor.advisor | Beyah, Raheem A. | |
| dc.contributor.author | Radhakrishnan, Sakthi Vignesh | en_US |
| dc.contributor.committeeMember | Owen, Henry L. | |
| dc.contributor.committeeMember | Copeland, John A. | |
| dc.contributor.department | Electrical and Computer Engineering | en_US |
| dc.date.accessioned | 2013-06-15T02:45:43Z | |
| dc.date.available | 2013-06-15T02:45:43Z | |
| dc.date.issued | 2013-03-29 | en_US |
| dc.description.abstract | The primary objective of the proposed research is to develop a framework for smart and robust fingerprinting of networked systems. Many fingerprinting techniques have been proposed in the past, however most of these techniques are designed for a specific purpose, such as Operating System (OS) fingerprinting, Access Point (AP) fingerprinting, etc. Such standalone techniques often have limitations which render them dysfunctional in certain scenarios or against certain counter measures. In order to overcome such limitations, we propose a fingerprinting framework that can combine multiple fingerprinting techniques in a smart manner, using a centralized decision making engine. We believe that any given scenario or a counter measure is less likely to circumvent a group of diverse fingerprinting techniques, which serves as the primary motivation behind the aforementioned method of attack. Another major portion of the thesis concentrates on the design and development of a device and device type fingerprinting sub-module (GTID) that has been integrated into the proposed framework. This sub-module used statistical analysis of packet inter arrival times (IATs) to identify the type of device that is generating the traffic. This work also analyzes the performance of the identification technique on a real campus network and propose modifications that use pattern recognition neural networks to improve the overall performance. Additionally, we impart capabilities to the fingerprinting technique to enable the identification of 'Unknown' devices (i.e., devices for which no signature is stored), and also show that it can be extended to perform both device and device type identification. | en_US |
| dc.description.degree | MS | en_US |
| dc.identifier.uri | http://hdl.handle.net/1853/47609 | |
| dc.publisher | Georgia Institute of Technology | en_US |
| dc.subject | Access control | en_US |
| dc.subject | Device type fingerprinting | en_US |
| dc.subject | Device fingerprinting | en_US |
| dc.subject | System Fingerprinting | en_US |
| dc.subject | GTID | en_US |
| dc.subject | Security framework | en_US |
| dc.subject.lcsh | Computer networks Security measures | |
| dc.subject.lcsh | Intrusion detection systems (Computer security) | |
| dc.title | A framework for system fingerprinting | en_US |
| dc.type | Text | |
| dc.type.genre | Thesis | |
| dspace.entity.type | Publication | |
| local.contributor.advisor | Beyah, Raheem A. | |
| local.contributor.corporatename | School of Electrical and Computer Engineering | |
| local.contributor.corporatename | College of Engineering | |
| relation.isAdvisorOfPublication | 88360599-cf62-474a-81dd-961af8abbb9b | |
| relation.isOrgUnitOfPublication | 5b7adef2-447c-4270-b9fc-846bd76f80f2 | |
| relation.isOrgUnitOfPublication | 7c022d60-21d5-497c-b552-95e489a06569 |
Files
Original bundle
1 - 1 of 1
- Name:
- radhakrishnan_sakthivignesh_201305_mast.pdf
- Size:
- 5.84 MB
- Format:
- Adobe Portable Document Format
- Description: