ABSTRACT

This chapter addresses the identification of a remote operating system, across a computer network, with the aid of computational intelligence. Based on an introductory presentation of fundamental concepts of remote operating system detection, we present a survey on the use of computational intelligence in this area. This study points to new research directions that are developed in this work. Specifically, this work presents advances in (1) the algorithm used to extract distinguishable characteristics from reliable data and (2) the procedure used to minimize the amount of data necessary to classification. Considering a set of 16 operating systems, the results indicate that it is possible to perform identification using only 25 network messages with high levels of accuracy, reaching a correct classification rate above 98%.