Classifying Network Protocol Implementation Versions: An OpenSSL Case Study

Rubin, Aviel D.; Green, Matthew; Checkoway, Stephen; Rushanan, Michael; Martin, Paul D.

View/Open

martin.pdf (230.4Kb)

Date

2013-12-11

Author

Rubin, Aviel D.

Green, Matthew

Checkoway, Stephen

Rushanan, Michael

Martin, Paul D.

Metadata

Show full item record

Abstract

A new technique is presented for identifying the implementation version number of software that is used for Internet communications. While many programs may exchange version numbers, oftentimes only a small subset of them send any information at all. Furthermore, they usually do not provide accurate details about which implementation is used. We use machine learning techniques to build a feature database and then apply this to network traffic to try to identify specific implementations on servers. We apply our technique to OpenSSL and report our results.

URI

http://jhir.library.jhu.edu/handle/1774.2/36570

Collections

Current Technical Reports