Machine Learning Fingerprinting Methods in Cyber Security Domain: Which one to Use?
|Type||Article in proceedings|
|Conference||Proceedings of the 14th International Wireless Communications and Mobile Computing Conference|
|Faculty / MU workplace|
|Keywords||Machine Learning; OS Fingerprinting; IPFIX; Cybersecurity|
|Description||Identification of a communicating device's operating system is a fundamental part of network situational awareness. However, current networks are large and change often, which implies the need for a system that will be able to continuously monitor the network and handle changes in identified operating systems. The aim of this paper is to compare the performance of machine learning methods for OS fingerprinting on real-world data in terms of processing time, memory requirements, and the performance measures of accuracy, precision, and recall.|