论文信息 - Identification of unknown operating system type of Internet of Things terminal device based on RIPPER

Identification of unknown operating system type of Internet of Things terminal device based on RIPPER

Due to the vast popularity of sensors, cloud computing, mobile computing, and intelligent devices, the Internet of Things has seen tremendous growth in recent years. Operating system type recognition is the core technology of network security assessment. Due to inherit security problems of Internet of Things such as the situation of risk and threat of information, the operating system recognition seeks research attention for Internet of Things network security. In view of the current identification method of active operating system, it is prone to be detected by intrusion detection system. The operating system identification technology based on transmission control protocol/Internet protocol fingerprint library is more complicated than to distinguish the operating system types of unknown fingerprints. In this work, a passive operating system identification method based on RIPPER model is proposed. Also, it is compared with the existing support vector machine and C45 decision tree classification algorithms. Experiments reveal that RIPPER-based algorithm has better recognition accuracy and recognition efficiency.

[1] Andrew W. Moore,et al. Internet traffic classification using bayesian analysis techniques , 2005, SIGMETRICS '05.

[2] William W. Cohen. Fast Effective Rule Induction , 1995, ICML.

[3] Carlos Sarraute,et al. Using Neural Networks to improve classical Operating System Fingerprinting techniques , 2010, ArXiv.

[4] Deng Ji. Task-Based Access Control Model , 2003 .

[5] Cheng Shu-ba. Operating System Recognition based on Singular Value Decomposition and DAG_SVMS , 2013 .

[6] Robert Beverly,et al. A Robust Classifier for Passive TCP/IP Fingerprinting , 2004, PAM.

[7] Farnam Jahanian,et al. Defeating TCP/IP Stack Fingerprinting , 2000, USENIX Security Symposium.

[8] Dmitri Loguinov,et al. Hershel: Single-Packet OS Fingerprinting , 2016, TNET.

[9] Li Jianhua. Remote OS Detection Based on TCP/IP Stack Fingerprinting , 2004 .

[10] Ian H. Witten,et al. WEKA: a machine learning workbench , 1994, Proceedings of ANZIIS '94 - Australian New Zealnd Intelligent Information Systems Conference.