-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.html
146 lines (110 loc) · 9.21 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
<!DOCTYPE html>
<html lang="en-US">
<head>
<meta charset='utf-8'>
<meta http-equiv="X-UA-Compatible" content="chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href="https://fonts.googleapis.com/css?family=Josefin+Sans|Josefin+Slab|News+Cycle" rel="stylesheet">
<link rel="stylesheet" href="/RTT_Analysis/assets/css/style.css?v=02046a90375125b048a0a7b46c89bf5e23d9d2d5" media="screen" type="text/css">
<link rel="stylesheet" href="/RTT_Analysis/assets/css/print.css" media="print" type="text/css">
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<!-- Begin Jekyll SEO tag v2.3.0 -->
<title>A Study of active fingerprinting of Hosts in an Institutional Network | RTT_Analysis</title>
<meta property="og:title" content="A Study of active fingerprinting of Hosts in an Institutional Network" />
<meta property="og:locale" content="en_US" />
<meta name="description" content="Research Project A study of active fingerprinting of hosts in an institutional network. Research Abstract: Active fingerprinting is an effective way to know the security status of individual hosts and network as a whole. The fingerprint of a host is comprised of its route from the server, port status, OS and open services. Fingerprint gives a fair idea about the vulnerability of hosts against security threats. In this work, the output of fingerprint scanning tool has been analyzed extensively to determine correlations between various timers like RTTm, SRTT, RTTVar and RTO, and fingerprint components. Inter-component relations have also been explored to find out dependencies. The behavior of the hosts is analyzed during the course of the day. We analyzed the variability in timers within a network using active fingerprinting techniques. It has been concluded that during low-traffic hours, timers are highly correlated while in high-traffic hours RTTm and RTO are not correlated with SRTT and RTTVar. Timers in a network vary widely whereas SRTT and RTTVar remain highly correlated throughout the analysis. Moreover, a distinct correlation pattern is observed in timers with variation in IP-ID Sequence classes, traceroute protocols and network traffic intensity." />
<meta property="og:description" content="Research Project A study of active fingerprinting of hosts in an institutional network. Research Abstract: Active fingerprinting is an effective way to know the security status of individual hosts and network as a whole. The fingerprint of a host is comprised of its route from the server, port status, OS and open services. Fingerprint gives a fair idea about the vulnerability of hosts against security threats. In this work, the output of fingerprint scanning tool has been analyzed extensively to determine correlations between various timers like RTTm, SRTT, RTTVar and RTO, and fingerprint components. Inter-component relations have also been explored to find out dependencies. The behavior of the hosts is analyzed during the course of the day. We analyzed the variability in timers within a network using active fingerprinting techniques. It has been concluded that during low-traffic hours, timers are highly correlated while in high-traffic hours RTTm and RTO are not correlated with SRTT and RTTVar. Timers in a network vary widely whereas SRTT and RTTVar remain highly correlated throughout the analysis. Moreover, a distinct correlation pattern is observed in timers with variation in IP-ID Sequence classes, traceroute protocols and network traffic intensity." />
<link rel="canonical" href="https://newtein.github.io/RTT_Analysis/" />
<meta property="og:url" content="https://newtein.github.io/RTT_Analysis/" />
<meta property="og:site_name" content="RTT_Analysis" />
<script type="application/ld+json">
{"name":"RTT_Analysis","description":"Research Project A study of active fingerprinting of hosts in an institutional network. Research Abstract: Active fingerprinting is an effective way to know the security status of individual hosts and network as a whole. The fingerprint of a host is comprised of its route from the server, port status, OS and open services. Fingerprint gives a fair idea about the vulnerability of hosts against security threats. In this work, the output of fingerprint scanning tool has been analyzed extensively to determine correlations between various timers like RTTm, SRTT, RTTVar and RTO, and fingerprint components. Inter-component relations have also been explored to find out dependencies. The behavior of the hosts is analyzed during the course of the day. We analyzed the variability in timers within a network using active fingerprinting techniques. It has been concluded that during low-traffic hours, timers are highly correlated while in high-traffic hours RTTm and RTO are not correlated with SRTT and RTTVar. Timers in a network vary widely whereas SRTT and RTTVar remain highly correlated throughout the analysis. Moreover, a distinct correlation pattern is observed in timers with variation in IP-ID Sequence classes, traceroute protocols and network traffic intensity.","author":null,"@type":"WebSite","url":"https://newtein.github.io/RTT_Analysis/","image":null,"publisher":null,"headline":"A Study of active fingerprinting of Hosts in an Institutional Network","dateModified":null,"datePublished":null,"sameAs":null,"mainEntityOfPage":null,"@context":"http://schema.org"}</script>
<!-- End Jekyll SEO tag -->
<style>
html, body {
max-width: 100%;
margin: 0;
background: #fdf9f2 !important;
font-weight: 400;
font-family: Josefin Sans,sans-serif,arial,serif !important;
color:#000000 !important;
}
p{
font-weight:400 !important;
color:#000000 !important;
margin-top:2px;
}
h2 {
width: 100%;
border-bottom: 2px solid #ed5565;
line-height: 1.5em;
margin: 5px 0px 10px 0px;
}
h3 {
width: 100%;
border-bottom: 2px solid #ed5565;
line-height: 1em;
margin: 5px 0px 10px 0px;
}
</style>
<script
src="https://code.jquery.com/jquery-3.3.1.min.js"
integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8="
crossorigin="anonymous"></script>
<script>
$(function(){
$("#includedContentDiv").load("https://raw.githubusercontent.com/newtein/no_escape_search/master/tempfile.html");
});
</script>
</head>
<body>
<header style="background-image:None;background-color:#ed5565;">
<div class="inner">
<a href="https://newtein.github.io/RTT_Analysis/">
<h1 style="color:#ffffff;"> Network Fingerprinting </h1>
</a>
<h2 style="color:#ffffff;"> A study of active fingerprinting of hosts in an institutional network </h2>
<a href="https://github.com/newtein/RTT_Analysis" class="button"><small>View project on</small> GitHub</a>
</div>
</header>
<div id="content-wrapper">
<div class="inner clearfix">
<section id="main-content">
<h3 id="abstract">Research Abstract:</h3>
<center>
<img src="Images/info.png"/>
</center>
<h3> Observed correlation between timers with variation in IP-ID Classes </h3>
<p> <img src="https://raw.githubusercontent.com/newtein/RTT_Analysis/master/Figures/Figure-8.png" alt="UI" /></p>
<h3> Observed correlation between timers with variation in Network Traffic </h3>
<p> <img src="https://raw.githubusercontent.com/newtein/RTT_Analysis/master/Figures/Figure-12.png" alt="UI" /></p>
<h3> Observed correlation between timers with variation in Traceroute Protocols </h3>
<p> <img src="https://raw.githubusercontent.com/newtein/RTT_Analysis/master/Figures/Figure-9.png" alt="UI" /></p>
</section>
<aside id="sidebar">
<a href="#otherProjects"><h2 class="headB"> Other Projects </h2> </a>
<h2> Research-Project </h2>
<p> Dec, 2017 - Jan, 2018 </p>
<h2> Domain </h2>
<p> Network Communication, Traceroute Protocols, Information Security <p>
<h2> Publication </h2>
<p> Accepted for Publication in Journal of Wireless Personal Communication by Springer (Scopus, SCI indexed). <p>
<h2> Advisor </h2>
<p> <b> Dr. Sangeeta Mittal </b> <br/>
Department of Computer Science and Engineering <br/>
Jaypee Institute of Information Technology, Noida, India </p>
<h2 id="technologies-used">Tools/Technologies Used</h2>
<p> Python, Analysis (Numpy, SciPy, Scikit-learn), Visualization (Matplotlib, Searborn) </p>
<h2> Other Collaborators </h2>
<p> Abhinav Sharma </p>
<div id="includedContentDiv"></div>
<p class="repo-owner"><a href="https://github.com/newtein/RTT_Analysis">RTT_Analysis</a> is maintained by <a href="https://github.com/newtein"> Harshit Gujral (newtein)</a>.</p>
<script src="https://use.fontawesome.com/8b09d5ebcd.js"></script>
<p> Made with <font color="#ed5565"> <i class="fa fa-heart" aria-hidden="true"></i> </font> by harshit</p>
</aside>
</div>
</div>
</body>
</html>