k-p0f: A high-throughput kernel passive OS fingerprinter

Jason Barnes; Patrick Crowley

doi:10.1109/ANCS.2013.6665187

2013 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS)

k-p0f: A high-throughput kernel passive OS fingerprinter

Year: 2013, Pages: 113-114

DOI Bookmark: 10.1109/ANCS.2013.6665187

Authors

Jason Barnes, Washington University in St. Louis, 1 Brookings Drive, Missouri 63130, USA
Patrick Crowley, Washington University in St. Louis, 1 Brookings Drive, Missouri 63130, USA

Abstract

Most critical security vulnerabilities depend on the OS. If a hacker finds a machine with a vulnerable OS, then he can attack the system. Network administrators can defend against OS-specific attacks if they can find vulnerable machines before hackers do, but physically checking or actively scanning a large network can take time and resources. This paper describes a modification of p0f implemented in the Linux kernel, called k-p0f, which is a tool for this problem. This paper describes the design of k-p0f and compares its performance to p0f with both laboratory-generated and real-world traffic.

Like what you’re reading?

Already a member?

Get this article FREE with a new membership!

Hardwiring the OS kernel into a Java application processor
2017 IEEE 28th International Conference on Application-specific Systems, Architectures and Processors (ASAP)
Thread Migration in a Replicated-Kernel OS
2015 IEEE 35th International Conference on Distributed Computing Systems (ICDCS)
Automatically Generating External OS Kernel Integrity Checkers for Detecting Hidden Rootkits
2014 IEEE 11th Intl Conf on Ubiquitous Intelligence & Computing and 2014 IEEE 11th Intl Conf on Autonomic & Trusted Computing and 2014 IEEE 14th Intl Conf on Scalable Computing and Communications and Its Associated Workshops (UIC-ATC-ScalCom)
Dhara: A Service Abstraction-Based OS Kernel Design Model
Engineering of Complex Computer Systems, IEEE International Conference on
Software Based Remote Attestation for OS Kernel and User Applications
2011 IEEE Third Int'l Conference on Privacy, Security, Risk and Trust (PASSAT) / 2011 IEEE Third Int'l Conference on Social Computing (SocialCom)
AUTOBEST: a united AUTOSAR-OS and ARINC 653 kernel
2015 IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS)
Automatic Invariant Generation for Monitoring OS Kernel Integrity
2012 IEEE International Conference on Embedded and Real-Time Computing Systems and Applications
Selective Profiling for OS Scalability Study on Multicore Systems
2013 IEEE 6th International Conference on Service-Oriented Computing and Applications
KF K-means: A High Performance K-means Implementation using Kernel Fusion
2023 IEEE International Conference on Big Data (BigData)
Running OS Kernel in Separate Domains: A New Architecture for Applications and OS Services Quarantine
2018 25th Asia-Pacific Software Engineering Conference (APSEC)

k-p0f: A high-throughput kernel passive OS fingerprinter

Authors

Abstract

Related Articles