Abstract
Operating System fingerprinting (OSF) is important to help on deciding security policy enforced on protected Virtual Machine (VM). Unfortunately, current OSF techniques suffer many problems, such as: they fail badly against modern Operating Systems (OS), they are slow, and only support limited OS-es and hypervisors.This paper analyzes the drawbacks of current OSF approaches against VM in the cloud, then introduces a novel method, named UFO, to fingerprint OS running inside VM. Our solution fixes all the above problems: Firstly, it can recognize all the available OS variants and (in lots of cases) exact OS versions with excellent accuracy, regardless of OS tweaking. Secondly, UFO is extremely fast. Last but not least, it is hypervisor-independent: we proved that by implementing UFO for Xen and Hyper-V.
Author supplied keywords
Cite
CITATION STYLE
Quynh, N. A. (2010). Operating System Fingerprinting for Virtual Machines. DEF CON 18 Hacking Conference. Retrieved from https://www.defcon.org/images/defcon-18/dc-18-presentations/Quynh/DEFCON-18-Quynh-OS-Fingerprinting-VM.pdf
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
