A hybrid approach to operating system discovery based on diagnosis theory
Motivated by the increasing importance of knowing which operating systems are running in a given network, we evaluated operating system discovery (OSD) tools. The results indicated a serious lack of accuracy in current OSD tools. This thesis proposes a new approach to OS discovery which addresses the limitations of existing tools and leads to a more flexible, less intrusive, and much more accurate tool. Moreover, unlike existing OSD tools which are completely ad hoc, our approach is formal and follows the principles of diagnosis problem solving. This formalism allows us to: • characterize the complexity of OSD; • use well-tested algorithms and • benefit from numerous possible extensions. To fully address the needs of OSD, we generalize the theory of diagnosis with a query-based extension. This extension leads to a spectrum of test selection algorithms to solve each query.
|Conference||2012 IEEE Network Operations and Management Symposium, NOMS 2012|
Gagnon, F, & Esfandiari, B. (2012). A hybrid approach to operating system discovery based on diagnosis theory. Presented at the 2012 IEEE Network Operations and Management Symposium, NOMS 2012. doi:10.1109/NOMS.2012.6212000