Classifying Network Protocol Implementation Versions: An OpenSSL Case Study

Rubin, Aviel D.; Green, Matthew; Checkoway, Stephen; Rushanan, Michael; Martin, Paul D.

Classifying Network Protocol Implementation Versions: An OpenSSL Case Study

Files

martin.pdf (230.45 KB)

Date

2013-12-11T20:33:59Z

Authors

Abstract

A new technique is presented for identifying the implementation version number of software that is used for Internet communications. While many programs may exchange version numbers, oftentimes only a small subset of them send any information at all. Furthermore, they usually do not provide accurate details about which implementation is used. We use machine learning techniques to build a feature database and then apply this to network traffic to try to identify specific implementations on servers. We apply our technique to OpenSSL and report our results.

Keywords

OpenSSL, network protocol

URI

http://jhir.library.jhu.edu/handle/1774.2/36570

Collections

Current Technical Reports

Full item page