Abstract—Operating system (OS) detection is one of the
main concerns for computer security. Previous work on
operating system detection exploits some features of TCP/IP
traffic based on a single packet. In this work, we built a
system in which TCP/IP communication is set up between machines
to capture and analyze TCP/IP packets for more accurate and
fine-grained OS detection using our novel packet correlation
approach. We used existing signature matching methods, extended
them, and employed machine learning techniques to detect remote
operating systems with improved accuracy. We also employed
mobile systems such as smartphones and tablets to perform mobile
OS fingerprinting. The tools we created also established
encrypted communication using the Secure Sockets Layer (SSL)
network protocol to investigate the effect of SSL communication
on OS fingerprinting. The results of our experimental work
showed that fine-grained OS detection can be achieved for
modern and mobile OSs using our approach.
Index Terms—OS fingerprinting, remote operating system
detection, vulnerability assessment, mobile operating system.
The authors are with the ICS department at King Fahd University of
Petroleum and Minerals, Dhahran 31261, Saudi Arabia (e-mail:
Cite: Taher Al-Shehari and Farrukh Shahzad, "Improving Operating System Fingerprinting using Machine Learning Techniques," International Journal of Computer Theory and Engineering, vol. 6, no. 1, pp. 57-62, 2014.