Classifying Network Protocol Implementation Versions: An OpenSSL Case Study
View/ Open
Date
2013-12-11Author
Rubin, Aviel D.
Green, Matthew
Checkoway, Stephen
Rushanan, Michael
Martin, Paul D.
Metadata
Show full item recordAbstract
A new technique is presented for identifying the implementation version number of software that is used for Internet communications. While many programs may exchange version numbers, oftentimes only a small subset of them send any information at all. Furthermore, they usually do not provide accurate details about which implementation is used. We use machine learning techniques to build a feature database and then apply this to network traffic to try to identify specific implementations on servers. We apply our technique to OpenSSL and report our results.