Invention Grant
- Patent Title: Method and system for evaluating tests used in operating system fingerprinting
-
Application No.: US11888925Application Date: 2007-08-03
-
Publication No.: US08352393B2Publication Date: 2013-01-08
- Inventor: Lloyd G. Greenwald , Tavaris J. Thomas
- Applicant: Lloyd G. Greenwald , Tavaris J. Thomas
- Applicant Address: FR Paris
- Assignee: Alcatel Lucent
- Current Assignee: Alcatel Lucent
- Current Assignee Address: FR Paris
- Agency: McCormick, Paulding & Huber, LLP
- Main IPC: G06F17/00
- IPC: G06F17/00 ; G06N5/00
Abstract:
In a system for evaluating classification systems such as an operating system (OS) fingerprinting tool (e.g., Nmap), information gain is used as a metric to evaluate the quality of the tool's classification tests, including fingerprinting tests and their associated probes. Information gain is determined using the OS fingerprinting tool's signature database rather than raw training samples, including taking into account signatures/data that are represented by ranges of test values, disjunctive values, and missing values. Uniform distributions over test values and classifications are assumed in applying these methods to an example signature database for Nmap. Other assumptions or a priori information (e.g., normal distributions over ranges) can also be accommodated. The information gain measure provided can be applied to other classification problems as well.
Public/Granted literature
- US20090037353A1 Method and system for evaluating tests used in operating system fingerprinting Public/Granted day:2009-02-05
Information query
