Online Device Fingerprinting
Identifieur interne : 002960 ( Main/Exploration ); précédent : 002959; suivant : 002961Online Device Fingerprinting
Auteurs : François Jérôme [Luxembourg (pays)] ; State Radu [Luxembourg (pays)] ; Olivier Festor [France] ; Engel Thomas [Luxembourg (pays)]Source :
Abstract
Device fingerprinting is powerful for network security assess- ment and intrusion detection because its goal is to get the precise name and version of a remote device. This paper is based on device repre- sentations proposed recently: the syntactic structure of a message and the behavior of a device. A comparison function is associated to both of them in order to be applied with recent classification techniques which leverage supervised learning. The approaches are evaluated with the SIP protocol and the evaluation considers the correctness of the identification and also computational complexity for being applied online. Conclusion exhibits the advantages and drawbacks of each method for choosing the more suitable method according to the network environment.
Url:
Affiliations:
- France, Luxembourg (pays)
- Grand Est, Lorraine (région)
- Luxembourg, Nancy
- Institut national polytechnique de Lorraine, Université Nancy 2, Université de Lorraine, Université du Luxembourg
Links toward previous steps (curation, corpus...)
- to stream Hal, to step Corpus: 003897
- to stream Hal, to step Curation: 003897
- to stream Hal, to step Checkpoint: 002195
- to stream Main, to step Merge: 002A22
- to stream Main, to step Curation: 002960
Le document en format XML
<record><TEI><teiHeader><fileDesc><titleStmt><title xml:lang="en">Online Device Fingerprinting</title><author><name sortKey="Jerome, Francois" sort="Jerome, Francois" uniqKey="Jerome F" first="François" last="Jérôme">François Jérôme</name><affiliation wicri:level="1"><hal:affiliation type="laboratory" xml:id="struct-191990" status="VALID"><orgName>Interdisciplinary Centre for Security, Reliability and Trust [Luxembourg]</orgName><orgName type="acronym">SnT</orgName><desc><address><addrLine>6, rue Richard Couhenhove-Kalergi L-1359 Luxembourg</addrLine><country key="LU"></country></address><ref type="url">http://wwwen.uni.lu/snt</ref></desc><listRelation><relation active="#struct-104741" type="direct"></relation></listRelation><tutelles><tutelle active="#struct-104741" type="direct"><org type="institution" xml:id="struct-104741" status="VALID"><orgName>Université du Luxembourg</orgName><orgName type="acronym">Uni.lu</orgName><desc><address><addrLine>6 rue Richard Coudenhove-Kalergi - L-1359 Luxembourg</addrLine><country key="LU"></country></address><ref type="url">http://wwwfr.uni.lu/</ref></desc></org></tutelle></tutelles></hal:affiliation><country>Luxembourg (pays)</country><placeName><settlement type="city">Luxembourg</settlement></placeName><orgName type="university">Université du Luxembourg</orgName></affiliation></author><author><name sortKey="Radu, State" sort="Radu, State" uniqKey="Radu S" first="State" last="Radu">State Radu</name><affiliation wicri:level="1"><hal:affiliation type="institution" xml:id="struct-97637" status="VALID"><orgName>Faculté des Sciences, de la Technologie et de la Communication</orgName><orgName type="acronym">FSTC</orgName><desc><address><addrLine>6, rue Coudenhove-Kalergi - 1359 Luxembourg-Kirchberg</addrLine><country key="LU"></country></address><ref type="url">http://wwwfr.uni.lu/fstc</ref></desc></hal:affiliation><country>Luxembourg (pays)</country></affiliation></author><author><name sortKey="Festor, Olivier" sort="Festor, Olivier" uniqKey="Festor O" first="Olivier" last="Festor">Olivier Festor</name><affiliation wicri:level="1"><hal:affiliation type="researchteam" xml:id="struct-2354" status="OLD"><idno type="RNSR">200418297A</idno><orgName>Management of dynamic networks and services</orgName><orgName type="acronym">MADYNES</orgName><desc><address><country key="FR"></country></address><ref type="url">http://www.inria.fr/equipes/madynes</ref></desc><listRelation><relation active="#struct-160" type="direct"></relation><relation name="UMR7503" active="#struct-441569" type="indirect"></relation><relation active="#struct-300009" type="indirect"></relation><relation active="#struct-300291" type="indirect"></relation><relation active="#struct-300292" type="indirect"></relation><relation active="#struct-300293" type="indirect"></relation><relation active="#struct-2496" type="direct"></relation></listRelation><tutelles><tutelle active="#struct-160" type="direct"><org type="laboratory" xml:id="struct-160" status="OLD"><orgName>Laboratoire Lorrain de Recherche en Informatique et ses Applications</orgName><orgName type="acronym">LORIA</orgName><desc><address><addrLine>Campus Scientifique BP 239 54506 Vandoeuvre-lès-Nancy Cedex</addrLine><country key="FR"></country></address><ref type="url">http://www.loria.fr</ref></desc><listRelation><relation name="UMR7503" active="#struct-441569" type="direct"></relation><relation active="#struct-300009" type="direct"></relation><relation active="#struct-300291" type="direct"></relation><relation active="#struct-300292" type="direct"></relation><relation active="#struct-300293" type="direct"></relation></listRelation></org></tutelle><tutelle name="UMR7503" active="#struct-441569" type="indirect"><org type="institution" xml:id="struct-441569" status="VALID"><idno type="ISNI">0000000122597504</idno><idno type="IdRef">02636817X</idno><orgName>Centre National de la Recherche Scientifique</orgName><orgName type="acronym">CNRS</orgName><date type="start">1939-10-19</date><desc><address><country key="FR"></country></address><ref type="url">http://www.cnrs.fr/</ref></desc></org></tutelle><tutelle active="#struct-300009" type="indirect"><org type="institution" xml:id="struct-300009" status="VALID"><orgName>Institut National de Recherche en Informatique et en Automatique</orgName><orgName type="acronym">Inria</orgName><desc><address><addrLine>Domaine de VoluceauRocquencourt - BP 10578153 Le Chesnay Cedex</addrLine><country key="FR"></country></address><ref type="url">http://www.inria.fr/en/</ref></desc></org></tutelle><tutelle active="#struct-300291" type="indirect"><org type="institution" xml:id="struct-300291" status="OLD"><orgName>Université Henri Poincaré - Nancy 1</orgName><orgName type="acronym">UHP</orgName><date type="end">2011-12-31</date><desc><address><addrLine>24-30 rue Lionnois, BP 60120, 54 003 NANCY cedex, France</addrLine><country key="FR"></country></address></desc></org></tutelle><tutelle active="#struct-300292" type="indirect"><org type="institution" xml:id="struct-300292" status="OLD"><orgName>Université Nancy 2</orgName><date type="end">2011-12-31</date><desc><address><addrLine>91 avenue de la Libération, BP 454, 54001 Nancy cedex</addrLine><country key="FR"></country></address></desc></org></tutelle><tutelle active="#struct-300293" type="indirect"><org type="institution" xml:id="struct-300293" status="OLD"><orgName>Institut National Polytechnique de Lorraine</orgName><orgName type="acronym">INPL</orgName><date type="end">2011-12-31</date><desc><address><country key="FR"></country></address></desc></org></tutelle><tutelle active="#struct-2496" type="direct"><org type="laboratory" xml:id="struct-2496" status="OLD"><orgName>INRIA Lorraine</orgName><desc><address><addrLine>615 rue du Jardin Botanique 54600 Villers-lès-Nancy</addrLine><country key="FR"></country></address><ref type="url">http://www.inria.fr/centre-de-recherche-inria/nancy-grand-est</ref></desc><listRelation><relation active="#struct-300009" type="direct"></relation></listRelation></org></tutelle></tutelles></hal:affiliation><country>France</country><placeName><settlement type="city">Nancy</settlement><region type="region" nuts="2">Grand Est</region><region type="old region" nuts="2">Lorraine (région)</region></placeName><orgName type="university">Université Nancy 2</orgName><orgName type="institution" wicri:auto="newGroup">Université de Lorraine</orgName><placeName><settlement type="city">Nancy</settlement><region type="region" nuts="2">Grand Est</region><region type="old region" nuts="2">Lorraine (région)</region></placeName><orgName type="university">Institut national polytechnique de Lorraine</orgName><orgName type="institution" wicri:auto="newGroup">Université de Lorraine</orgName></affiliation></author><author><name sortKey="Thomas, Engel" sort="Thomas, Engel" uniqKey="Thomas E" first="Engel" last="Thomas">Engel Thomas</name><affiliation wicri:level="1"><hal:affiliation type="institution" xml:id="struct-104741" status="VALID"><orgName>Université du Luxembourg</orgName><orgName type="acronym">Uni.lu</orgName><desc><address><addrLine>6 rue Richard Coudenhove-Kalergi - L-1359 Luxembourg</addrLine><country key="LU"></country></address><ref type="url">http://wwwfr.uni.lu/</ref></desc></hal:affiliation><country>Luxembourg (pays)</country></affiliation></author></titleStmt><publicationStmt><idno type="wicri:source">HAL</idno><idno type="RBID">Hal:inria-00547367</idno><idno type="halId">inria-00547367</idno><idno type="halUri">https://hal.inria.fr/inria-00547367</idno><idno type="url">https://hal.inria.fr/inria-00547367</idno><date when="2010-11-15">2010-11-15</date><idno type="wicri:Area/Hal/Corpus">003897</idno><idno type="wicri:Area/Hal/Curation">003897</idno><idno type="wicri:Area/Hal/Checkpoint">002195</idno><idno type="wicri:explorRef" wicri:stream="Hal" wicri:step="Checkpoint">002195</idno><idno type="wicri:Area/Main/Merge">002A22</idno><idno type="wicri:Area/Main/Curation">002960</idno><idno type="wicri:Area/Main/Exploration">002960</idno></publicationStmt><sourceDesc><biblStruct><analytic><title xml:lang="en">Online Device Fingerprinting</title><author><name sortKey="Jerome, Francois" sort="Jerome, Francois" uniqKey="Jerome F" first="François" last="Jérôme">François Jérôme</name><affiliation wicri:level="1"><hal:affiliation type="laboratory" xml:id="struct-191990" status="VALID"><orgName>Interdisciplinary Centre for Security, Reliability and Trust [Luxembourg]</orgName><orgName type="acronym">SnT</orgName><desc><address><addrLine>6, rue Richard Couhenhove-Kalergi L-1359 Luxembourg</addrLine><country key="LU"></country></address><ref type="url">http://wwwen.uni.lu/snt</ref></desc><listRelation><relation active="#struct-104741" type="direct"></relation></listRelation><tutelles><tutelle active="#struct-104741" type="direct"><org type="institution" xml:id="struct-104741" status="VALID"><orgName>Université du Luxembourg</orgName><orgName type="acronym">Uni.lu</orgName><desc><address><addrLine>6 rue Richard Coudenhove-Kalergi - L-1359 Luxembourg</addrLine><country key="LU"></country></address><ref type="url">http://wwwfr.uni.lu/</ref></desc></org></tutelle></tutelles></hal:affiliation><country>Luxembourg (pays)</country><placeName><settlement type="city">Luxembourg</settlement></placeName><orgName type="university">Université du Luxembourg</orgName></affiliation></author><author><name sortKey="Radu, State" sort="Radu, State" uniqKey="Radu S" first="State" last="Radu">State Radu</name><affiliation wicri:level="1"><hal:affiliation type="institution" xml:id="struct-97637" status="VALID"><orgName>Faculté des Sciences, de la Technologie et de la Communication</orgName><orgName type="acronym">FSTC</orgName><desc><address><addrLine>6, rue Coudenhove-Kalergi - 1359 Luxembourg-Kirchberg</addrLine><country key="LU"></country></address><ref type="url">http://wwwfr.uni.lu/fstc</ref></desc></hal:affiliation><country>Luxembourg (pays)</country></affiliation></author><author><name sortKey="Festor, Olivier" sort="Festor, Olivier" uniqKey="Festor O" first="Olivier" last="Festor">Olivier Festor</name><affiliation wicri:level="1"><hal:affiliation type="researchteam" xml:id="struct-2354" status="OLD"><idno type="RNSR">200418297A</idno><orgName>Management of dynamic networks and services</orgName><orgName type="acronym">MADYNES</orgName><desc><address><country key="FR"></country></address><ref type="url">http://www.inria.fr/equipes/madynes</ref></desc><listRelation><relation active="#struct-160" type="direct"></relation><relation name="UMR7503" active="#struct-441569" type="indirect"></relation><relation active="#struct-300009" type="indirect"></relation><relation active="#struct-300291" type="indirect"></relation><relation active="#struct-300292" type="indirect"></relation><relation active="#struct-300293" type="indirect"></relation><relation active="#struct-2496" type="direct"></relation></listRelation><tutelles><tutelle active="#struct-160" type="direct"><org type="laboratory" xml:id="struct-160" status="OLD"><orgName>Laboratoire Lorrain de Recherche en Informatique et ses Applications</orgName><orgName type="acronym">LORIA</orgName><desc><address><addrLine>Campus Scientifique BP 239 54506 Vandoeuvre-lès-Nancy Cedex</addrLine><country key="FR"></country></address><ref type="url">http://www.loria.fr</ref></desc><listRelation><relation name="UMR7503" active="#struct-441569" type="direct"></relation><relation active="#struct-300009" type="direct"></relation><relation active="#struct-300291" type="direct"></relation><relation active="#struct-300292" type="direct"></relation><relation active="#struct-300293" type="direct"></relation></listRelation></org></tutelle><tutelle name="UMR7503" active="#struct-441569" type="indirect"><org type="institution" xml:id="struct-441569" status="VALID"><idno type="ISNI">0000000122597504</idno><idno type="IdRef">02636817X</idno><orgName>Centre National de la Recherche Scientifique</orgName><orgName type="acronym">CNRS</orgName><date type="start">1939-10-19</date><desc><address><country key="FR"></country></address><ref type="url">http://www.cnrs.fr/</ref></desc></org></tutelle><tutelle active="#struct-300009" type="indirect"><org type="institution" xml:id="struct-300009" status="VALID"><orgName>Institut National de Recherche en Informatique et en Automatique</orgName><orgName type="acronym">Inria</orgName><desc><address><addrLine>Domaine de VoluceauRocquencourt - BP 10578153 Le Chesnay Cedex</addrLine><country key="FR"></country></address><ref type="url">http://www.inria.fr/en/</ref></desc></org></tutelle><tutelle active="#struct-300291" type="indirect"><org type="institution" xml:id="struct-300291" status="OLD"><orgName>Université Henri Poincaré - Nancy 1</orgName><orgName type="acronym">UHP</orgName><date type="end">2011-12-31</date><desc><address><addrLine>24-30 rue Lionnois, BP 60120, 54 003 NANCY cedex, France</addrLine><country key="FR"></country></address></desc></org></tutelle><tutelle active="#struct-300292" type="indirect"><org type="institution" xml:id="struct-300292" status="OLD"><orgName>Université Nancy 2</orgName><date type="end">2011-12-31</date><desc><address><addrLine>91 avenue de la Libération, BP 454, 54001 Nancy cedex</addrLine><country key="FR"></country></address></desc></org></tutelle><tutelle active="#struct-300293" type="indirect"><org type="institution" xml:id="struct-300293" status="OLD"><orgName>Institut National Polytechnique de Lorraine</orgName><orgName type="acronym">INPL</orgName><date type="end">2011-12-31</date><desc><address><country key="FR"></country></address></desc></org></tutelle><tutelle active="#struct-2496" type="direct"><org type="laboratory" xml:id="struct-2496" status="OLD"><orgName>INRIA Lorraine</orgName><desc><address><addrLine>615 rue du Jardin Botanique 54600 Villers-lès-Nancy</addrLine><country key="FR"></country></address><ref type="url">http://www.inria.fr/centre-de-recherche-inria/nancy-grand-est</ref></desc><listRelation><relation active="#struct-300009" type="direct"></relation></listRelation></org></tutelle></tutelles></hal:affiliation><country>France</country><placeName><settlement type="city">Nancy</settlement><region type="region" nuts="2">Grand Est</region><region type="old region" nuts="2">Lorraine (région)</region></placeName><orgName type="university">Université Nancy 2</orgName><orgName type="institution" wicri:auto="newGroup">Université de Lorraine</orgName><placeName><settlement type="city">Nancy</settlement><region type="region" nuts="2">Grand Est</region><region type="old region" nuts="2">Lorraine (région)</region></placeName><orgName type="university">Institut national polytechnique de Lorraine</orgName><orgName type="institution" wicri:auto="newGroup">Université de Lorraine</orgName></affiliation></author><author><name sortKey="Thomas, Engel" sort="Thomas, Engel" uniqKey="Thomas E" first="Engel" last="Thomas">Engel Thomas</name><affiliation wicri:level="1"><hal:affiliation type="institution" xml:id="struct-104741" status="VALID"><orgName>Université du Luxembourg</orgName><orgName type="acronym">Uni.lu</orgName><desc><address><addrLine>6 rue Richard Coudenhove-Kalergi - L-1359 Luxembourg</addrLine><country key="LU"></country></address><ref type="url">http://wwwfr.uni.lu/</ref></desc></hal:affiliation><country>Luxembourg (pays)</country></affiliation></author></analytic></biblStruct></sourceDesc></fileDesc><profileDesc><textClass></textClass></profileDesc></teiHeader><front><div type="abstract" xml:lang="en">Device fingerprinting is powerful for network security assess- ment and intrusion detection because its goal is to get the precise name and version of a remote device. This paper is based on device repre- sentations proposed recently: the syntactic structure of a message and the behavior of a device. A comparison function is associated to both of them in order to be applied with recent classification techniques which leverage supervised learning. The approaches are evaluated with the SIP protocol and the evaluation considers the correctness of the identification and also computational complexity for being applied online. Conclusion exhibits the advantages and drawbacks of each method for choosing the more suitable method according to the network environment.</div></front></TEI><affiliations><list><country><li>France</li><li>Luxembourg (pays)</li></country><region><li>Grand Est</li><li>Lorraine (région)</li></region><settlement><li>Luxembourg</li><li>Nancy</li></settlement><orgName><li>Institut national polytechnique de Lorraine</li><li>Université Nancy 2</li><li>Université de Lorraine</li><li>Université du Luxembourg</li></orgName></list><tree><country name="Luxembourg (pays)"><noRegion><name sortKey="Jerome, Francois" sort="Jerome, Francois" uniqKey="Jerome F" first="François" last="Jérôme">François Jérôme</name></noRegion><name sortKey="Radu, State" sort="Radu, State" uniqKey="Radu S" first="State" last="Radu">State Radu</name><name sortKey="Thomas, Engel" sort="Thomas, Engel" uniqKey="Thomas E" first="Engel" last="Thomas">Engel Thomas</name></country><country name="France"><region name="Grand Est"><name sortKey="Festor, Olivier" sort="Festor, Olivier" uniqKey="Festor O" first="Olivier" last="Festor">Olivier Festor</name></region></country></tree></affiliations></record>Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Lorraine/explor/InforLorV4/Data/Main/Exploration
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 002960 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Main/Exploration/biblio.hfd -nk 002960 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien
|wiki= Wicri/Lorraine
|area= InforLorV4
|flux= Main
|étape= Exploration
|type= RBID
|clé= Hal:inria-00547367
|texte= Online Device Fingerprinting
}}
| This area was generated with Dilib version V0.6.33. |  |