Online Device Fingerprinting
Identifieur interne : 002960 ( Main/Curation ); précédent : 002959; suivant : 002961Online Device Fingerprinting
Auteurs : François Jérôme [Luxembourg (pays)] ; State Radu [Luxembourg (pays)] ; Olivier Festor [France] ; Engel Thomas [Luxembourg (pays)]Source :
Abstract
Device fingerprinting is powerful for network security assess- ment and intrusion detection because its goal is to get the precise name and version of a remote device. This paper is based on device repre- sentations proposed recently: the syntactic structure of a message and the behavior of a device. A comparison function is associated to both of them in order to be applied with recent classification techniques which leverage supervised learning. The approaches are evaluated with the SIP protocol and the evaluation considers the correctness of the identification and also computational complexity for being applied online. Conclusion exhibits the advantages and drawbacks of each method for choosing the more suitable method according to the network environment.
Url:
Links toward previous steps (curation, corpus...)
- to stream Hal, to step Corpus: Pour aller vers cette notice dans l'étape Curation :003897
- to stream Hal, to step Curation: Pour aller vers cette notice dans l'étape Curation :003897
- to stream Hal, to step Checkpoint: Pour aller vers cette notice dans l'étape Curation :002195
- to stream Main, to step Merge: Pour aller vers cette notice dans l'étape Curation :002A22
Links to Exploration step
Hal:inria-00547367Le document en format XML
<record><TEI><teiHeader><fileDesc><titleStmt><title xml:lang="en">Online Device Fingerprinting</title>
<author><name sortKey="Jerome, Francois" sort="Jerome, Francois" uniqKey="Jerome F" first="François" last="Jérôme">François Jérôme</name>
<affiliation wicri:level="1"><hal:affiliation type="laboratory" xml:id="struct-191990" status="VALID"><orgName>Interdisciplinary Centre for Security, Reliability and Trust [Luxembourg]</orgName>
<orgName type="acronym">SnT</orgName>
<desc><address><addrLine>6, rue Richard Couhenhove-Kalergi L-1359 Luxembourg</addrLine>
<country key="LU"></country>
</address>
<ref type="url">http://wwwen.uni.lu/snt</ref>
</desc>
<listRelation><relation active="#struct-104741" type="direct"></relation>
</listRelation>
<tutelles><tutelle active="#struct-104741" type="direct"><org type="institution" xml:id="struct-104741" status="VALID"><orgName>Université du Luxembourg</orgName>
<orgName type="acronym">Uni.lu</orgName>
<desc><address><addrLine>6 rue Richard Coudenhove-Kalergi - L-1359 Luxembourg</addrLine>
<country key="LU"></country>
</address>
<ref type="url">http://wwwfr.uni.lu/</ref>
</desc>
</org>
</tutelle>
</tutelles>
</hal:affiliation>
<country>Luxembourg (pays)</country>
<placeName><settlement type="city">Luxembourg</settlement>
</placeName>
<orgName type="university">Université du Luxembourg</orgName>
</affiliation>
</author>
<author><name sortKey="Radu, State" sort="Radu, State" uniqKey="Radu S" first="State" last="Radu">State Radu</name>
<affiliation wicri:level="1"><hal:affiliation type="institution" xml:id="struct-97637" status="VALID"><orgName>Faculté des Sciences, de la Technologie et de la Communication</orgName>
<orgName type="acronym">FSTC</orgName>
<desc><address><addrLine>6, rue Coudenhove-Kalergi - 1359 Luxembourg-Kirchberg</addrLine>
<country key="LU"></country>
</address>
<ref type="url">http://wwwfr.uni.lu/fstc</ref>
</desc>
</hal:affiliation>
<country>Luxembourg (pays)</country>
</affiliation>
</author>
<author><name sortKey="Festor, Olivier" sort="Festor, Olivier" uniqKey="Festor O" first="Olivier" last="Festor">Olivier Festor</name>
<affiliation wicri:level="1"><hal:affiliation type="researchteam" xml:id="struct-2354" status="OLD"><idno type="RNSR">200418297A</idno>
<orgName>Management of dynamic networks and services</orgName>
<orgName type="acronym">MADYNES</orgName>
<desc><address><country key="FR"></country>
</address>
<ref type="url">http://www.inria.fr/equipes/madynes</ref>
</desc>
<listRelation><relation active="#struct-160" type="direct"></relation>
<relation name="UMR7503" active="#struct-441569" type="indirect"></relation>
<relation active="#struct-300009" type="indirect"></relation>
<relation active="#struct-300291" type="indirect"></relation>
<relation active="#struct-300292" type="indirect"></relation>
<relation active="#struct-300293" type="indirect"></relation>
<relation active="#struct-2496" type="direct"></relation>
</listRelation>
<tutelles><tutelle active="#struct-160" type="direct"><org type="laboratory" xml:id="struct-160" status="OLD"><orgName>Laboratoire Lorrain de Recherche en Informatique et ses Applications</orgName>
<orgName type="acronym">LORIA</orgName>
<desc><address><addrLine>Campus Scientifique BP 239 54506 Vandoeuvre-lès-Nancy Cedex</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.loria.fr</ref>
</desc>
<listRelation><relation name="UMR7503" active="#struct-441569" type="direct"></relation>
<relation active="#struct-300009" type="direct"></relation>
<relation active="#struct-300291" type="direct"></relation>
<relation active="#struct-300292" type="direct"></relation>
<relation active="#struct-300293" type="direct"></relation>
</listRelation>
</org>
</tutelle>
<tutelle name="UMR7503" active="#struct-441569" type="indirect"><org type="institution" xml:id="struct-441569" status="VALID"><idno type="ISNI">0000000122597504</idno>
<idno type="IdRef">02636817X</idno>
<orgName>Centre National de la Recherche Scientifique</orgName>
<orgName type="acronym">CNRS</orgName>
<date type="start">1939-10-19</date>
<desc><address><country key="FR"></country>
</address>
<ref type="url">http://www.cnrs.fr/</ref>
</desc>
</org>
</tutelle>
<tutelle active="#struct-300009" type="indirect"><org type="institution" xml:id="struct-300009" status="VALID"><orgName>Institut National de Recherche en Informatique et en Automatique</orgName>
<orgName type="acronym">Inria</orgName>
<desc><address><addrLine>Domaine de VoluceauRocquencourt - BP 10578153 Le Chesnay Cedex</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.inria.fr/en/</ref>
</desc>
</org>
</tutelle>
<tutelle active="#struct-300291" type="indirect"><org type="institution" xml:id="struct-300291" status="OLD"><orgName>Université Henri Poincaré - Nancy 1</orgName>
<orgName type="acronym">UHP</orgName>
<date type="end">2011-12-31</date>
<desc><address><addrLine>24-30 rue Lionnois, BP 60120, 54 003 NANCY cedex, France</addrLine>
<country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
<tutelle active="#struct-300292" type="indirect"><org type="institution" xml:id="struct-300292" status="OLD"><orgName>Université Nancy 2</orgName>
<date type="end">2011-12-31</date>
<desc><address><addrLine>91 avenue de la Libération, BP 454, 54001 Nancy cedex</addrLine>
<country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
<tutelle active="#struct-300293" type="indirect"><org type="institution" xml:id="struct-300293" status="OLD"><orgName>Institut National Polytechnique de Lorraine</orgName>
<orgName type="acronym">INPL</orgName>
<date type="end">2011-12-31</date>
<desc><address><country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
<tutelle active="#struct-2496" type="direct"><org type="laboratory" xml:id="struct-2496" status="OLD"><orgName>INRIA Lorraine</orgName>
<desc><address><addrLine>615 rue du Jardin Botanique 54600 Villers-lès-Nancy</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.inria.fr/centre-de-recherche-inria/nancy-grand-est</ref>
</desc>
<listRelation><relation active="#struct-300009" type="direct"></relation>
</listRelation>
</org>
</tutelle>
</tutelles>
</hal:affiliation>
<country>France</country>
<placeName><settlement type="city">Nancy</settlement>
<region type="region" nuts="2">Grand Est</region>
<region type="old region" nuts="2">Lorraine (région)</region>
</placeName>
<orgName type="university">Université Nancy 2</orgName>
<orgName type="institution" wicri:auto="newGroup">Université de Lorraine</orgName>
<placeName><settlement type="city">Nancy</settlement>
<region type="region" nuts="2">Grand Est</region>
<region type="old region" nuts="2">Lorraine (région)</region>
</placeName>
<orgName type="university">Institut national polytechnique de Lorraine</orgName>
<orgName type="institution" wicri:auto="newGroup">Université de Lorraine</orgName>
</affiliation>
</author>
<author><name sortKey="Thomas, Engel" sort="Thomas, Engel" uniqKey="Thomas E" first="Engel" last="Thomas">Engel Thomas</name>
<affiliation wicri:level="1"><hal:affiliation type="institution" xml:id="struct-104741" status="VALID"><orgName>Université du Luxembourg</orgName>
<orgName type="acronym">Uni.lu</orgName>
<desc><address><addrLine>6 rue Richard Coudenhove-Kalergi - L-1359 Luxembourg</addrLine>
<country key="LU"></country>
</address>
<ref type="url">http://wwwfr.uni.lu/</ref>
</desc>
</hal:affiliation>
<country>Luxembourg (pays)</country>
</affiliation>
</author>
</titleStmt>
<publicationStmt><idno type="wicri:source">HAL</idno>
<idno type="RBID">Hal:inria-00547367</idno>
<idno type="halId">inria-00547367</idno>
<idno type="halUri">https://hal.inria.fr/inria-00547367</idno>
<idno type="url">https://hal.inria.fr/inria-00547367</idno>
<date when="2010-11-15">2010-11-15</date>
<idno type="wicri:Area/Hal/Corpus">003897</idno>
<idno type="wicri:Area/Hal/Curation">003897</idno>
<idno type="wicri:Area/Hal/Checkpoint">002195</idno>
<idno type="wicri:explorRef" wicri:stream="Hal" wicri:step="Checkpoint">002195</idno>
<idno type="wicri:Area/Main/Merge">002A22</idno>
<idno type="wicri:Area/Main/Curation">002960</idno>
</publicationStmt>
<sourceDesc><biblStruct><analytic><title xml:lang="en">Online Device Fingerprinting</title>
<author><name sortKey="Jerome, Francois" sort="Jerome, Francois" uniqKey="Jerome F" first="François" last="Jérôme">François Jérôme</name>
<affiliation wicri:level="1"><hal:affiliation type="laboratory" xml:id="struct-191990" status="VALID"><orgName>Interdisciplinary Centre for Security, Reliability and Trust [Luxembourg]</orgName>
<orgName type="acronym">SnT</orgName>
<desc><address><addrLine>6, rue Richard Couhenhove-Kalergi L-1359 Luxembourg</addrLine>
<country key="LU"></country>
</address>
<ref type="url">http://wwwen.uni.lu/snt</ref>
</desc>
<listRelation><relation active="#struct-104741" type="direct"></relation>
</listRelation>
<tutelles><tutelle active="#struct-104741" type="direct"><org type="institution" xml:id="struct-104741" status="VALID"><orgName>Université du Luxembourg</orgName>
<orgName type="acronym">Uni.lu</orgName>
<desc><address><addrLine>6 rue Richard Coudenhove-Kalergi - L-1359 Luxembourg</addrLine>
<country key="LU"></country>
</address>
<ref type="url">http://wwwfr.uni.lu/</ref>
</desc>
</org>
</tutelle>
</tutelles>
</hal:affiliation>
<country>Luxembourg (pays)</country>
<placeName><settlement type="city">Luxembourg</settlement>
</placeName>
<orgName type="university">Université du Luxembourg</orgName>
</affiliation>
</author>
<author><name sortKey="Radu, State" sort="Radu, State" uniqKey="Radu S" first="State" last="Radu">State Radu</name>
<affiliation wicri:level="1"><hal:affiliation type="institution" xml:id="struct-97637" status="VALID"><orgName>Faculté des Sciences, de la Technologie et de la Communication</orgName>
<orgName type="acronym">FSTC</orgName>
<desc><address><addrLine>6, rue Coudenhove-Kalergi - 1359 Luxembourg-Kirchberg</addrLine>
<country key="LU"></country>
</address>
<ref type="url">http://wwwfr.uni.lu/fstc</ref>
</desc>
</hal:affiliation>
<country>Luxembourg (pays)</country>
</affiliation>
</author>
<author><name sortKey="Festor, Olivier" sort="Festor, Olivier" uniqKey="Festor O" first="Olivier" last="Festor">Olivier Festor</name>
<affiliation wicri:level="1"><hal:affiliation type="researchteam" xml:id="struct-2354" status="OLD"><idno type="RNSR">200418297A</idno>
<orgName>Management of dynamic networks and services</orgName>
<orgName type="acronym">MADYNES</orgName>
<desc><address><country key="FR"></country>
</address>
<ref type="url">http://www.inria.fr/equipes/madynes</ref>
</desc>
<listRelation><relation active="#struct-160" type="direct"></relation>
<relation name="UMR7503" active="#struct-441569" type="indirect"></relation>
<relation active="#struct-300009" type="indirect"></relation>
<relation active="#struct-300291" type="indirect"></relation>
<relation active="#struct-300292" type="indirect"></relation>
<relation active="#struct-300293" type="indirect"></relation>
<relation active="#struct-2496" type="direct"></relation>
</listRelation>
<tutelles><tutelle active="#struct-160" type="direct"><org type="laboratory" xml:id="struct-160" status="OLD"><orgName>Laboratoire Lorrain de Recherche en Informatique et ses Applications</orgName>
<orgName type="acronym">LORIA</orgName>
<desc><address><addrLine>Campus Scientifique BP 239 54506 Vandoeuvre-lès-Nancy Cedex</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.loria.fr</ref>
</desc>
<listRelation><relation name="UMR7503" active="#struct-441569" type="direct"></relation>
<relation active="#struct-300009" type="direct"></relation>
<relation active="#struct-300291" type="direct"></relation>
<relation active="#struct-300292" type="direct"></relation>
<relation active="#struct-300293" type="direct"></relation>
</listRelation>
</org>
</tutelle>
<tutelle name="UMR7503" active="#struct-441569" type="indirect"><org type="institution" xml:id="struct-441569" status="VALID"><idno type="ISNI">0000000122597504</idno>
<idno type="IdRef">02636817X</idno>
<orgName>Centre National de la Recherche Scientifique</orgName>
<orgName type="acronym">CNRS</orgName>
<date type="start">1939-10-19</date>
<desc><address><country key="FR"></country>
</address>
<ref type="url">http://www.cnrs.fr/</ref>
</desc>
</org>
</tutelle>
<tutelle active="#struct-300009" type="indirect"><org type="institution" xml:id="struct-300009" status="VALID"><orgName>Institut National de Recherche en Informatique et en Automatique</orgName>
<orgName type="acronym">Inria</orgName>
<desc><address><addrLine>Domaine de VoluceauRocquencourt - BP 10578153 Le Chesnay Cedex</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.inria.fr/en/</ref>
</desc>
</org>
</tutelle>
<tutelle active="#struct-300291" type="indirect"><org type="institution" xml:id="struct-300291" status="OLD"><orgName>Université Henri Poincaré - Nancy 1</orgName>
<orgName type="acronym">UHP</orgName>
<date type="end">2011-12-31</date>
<desc><address><addrLine>24-30 rue Lionnois, BP 60120, 54 003 NANCY cedex, France</addrLine>
<country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
<tutelle active="#struct-300292" type="indirect"><org type="institution" xml:id="struct-300292" status="OLD"><orgName>Université Nancy 2</orgName>
<date type="end">2011-12-31</date>
<desc><address><addrLine>91 avenue de la Libération, BP 454, 54001 Nancy cedex</addrLine>
<country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
<tutelle active="#struct-300293" type="indirect"><org type="institution" xml:id="struct-300293" status="OLD"><orgName>Institut National Polytechnique de Lorraine</orgName>
<orgName type="acronym">INPL</orgName>
<date type="end">2011-12-31</date>
<desc><address><country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
<tutelle active="#struct-2496" type="direct"><org type="laboratory" xml:id="struct-2496" status="OLD"><orgName>INRIA Lorraine</orgName>
<desc><address><addrLine>615 rue du Jardin Botanique 54600 Villers-lès-Nancy</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.inria.fr/centre-de-recherche-inria/nancy-grand-est</ref>
</desc>
<listRelation><relation active="#struct-300009" type="direct"></relation>
</listRelation>
</org>
</tutelle>
</tutelles>
</hal:affiliation>
<country>France</country>
<placeName><settlement type="city">Nancy</settlement>
<region type="region" nuts="2">Grand Est</region>
<region type="old region" nuts="2">Lorraine (région)</region>
</placeName>
<orgName type="university">Université Nancy 2</orgName>
<orgName type="institution" wicri:auto="newGroup">Université de Lorraine</orgName>
<placeName><settlement type="city">Nancy</settlement>
<region type="region" nuts="2">Grand Est</region>
<region type="old region" nuts="2">Lorraine (région)</region>
</placeName>
<orgName type="university">Institut national polytechnique de Lorraine</orgName>
<orgName type="institution" wicri:auto="newGroup">Université de Lorraine</orgName>
</affiliation>
</author>
<author><name sortKey="Thomas, Engel" sort="Thomas, Engel" uniqKey="Thomas E" first="Engel" last="Thomas">Engel Thomas</name>
<affiliation wicri:level="1"><hal:affiliation type="institution" xml:id="struct-104741" status="VALID"><orgName>Université du Luxembourg</orgName>
<orgName type="acronym">Uni.lu</orgName>
<desc><address><addrLine>6 rue Richard Coudenhove-Kalergi - L-1359 Luxembourg</addrLine>
<country key="LU"></country>
</address>
<ref type="url">http://wwwfr.uni.lu/</ref>
</desc>
</hal:affiliation>
<country>Luxembourg (pays)</country>
</affiliation>
</author>
</analytic>
</biblStruct>
</sourceDesc>
</fileDesc>
<profileDesc><textClass></textClass>
</profileDesc>
</teiHeader>
<front><div type="abstract" xml:lang="en">Device fingerprinting is powerful for network security assess- ment and intrusion detection because its goal is to get the precise name and version of a remote device. This paper is based on device repre- sentations proposed recently: the syntactic structure of a message and the behavior of a device. A comparison function is associated to both of them in order to be applied with recent classification techniques which leverage supervised learning. The approaches are evaluated with the SIP protocol and the evaluation considers the correctness of the identification and also computational complexity for being applied online. Conclusion exhibits the advantages and drawbacks of each method for choosing the more suitable method according to the network environment.</div>
</front>
</TEI>
</record>
Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Lorraine/explor/InforLorV4/Data/Main/Curation
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 002960 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Main/Curation/biblio.hfd -nk 002960 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien |wiki= Wicri/Lorraine |area= InforLorV4 |flux= Main |étape= Curation |type= RBID |clé= Hal:inria-00547367 |texte= Online Device Fingerprinting }}
This area was generated with Dilib version V0.6.33. |