An operating system identification method based on random forest

Operating system identification using random forest technology, applied in the computer field; it addresses the high training overhead and application performance bottlenecks of the support vector machine method.

Active Publication Date: 2021-02-19
XI AN JIAOTONG UNIV +1

AI Technical Summary

Problems solved by technology

Zou Tiezheng proposed an operating system identification method based on support vector machines, which classifies by constructing a large number of binary classifiers. However, this method has limitations: as the number of operating system types increases, the training overhead of the support vector machine method becomes too large, and application performance hits a bottleneck.

Examples

Embodiment Construction

[0056] The operating system identification method based on random forest of the present invention builds the random forest on the C4.5 decision tree algorithm and comprises the following steps:

[0057] S1. Data preparation and feature extraction: based on analysis of a third-party fingerprint library, the Monte Carlo method is used to determine the characteristic attributes used in training, the value range of each attribute and the most likely fingerprint set; a large number of random samples are drawn from the fingerprint library and combined into a training set and a test set, and the data of the training set and the test set are vectorized;

[0058] The construction is based on the Nmap fingerprint library and the Nmap system detection principle:

[0059] Nmap sends 16 data packets to generate a corresponding response sequence, and each response sequence corresponds to some flag bits. The system type is determined by comparing the matching degree of the detected dynamic fingerprin...

Abstract

The invention discloses an operating system identification method based on a random forest. A Monte Carlo method is used to randomly sample a fingerprint library to form a training set and a test set, which are then vectorized, and a binning method is used to perform data passivation processing. Based on the set layered architecture, random forest classifiers are trained separately for the operating system category identification layer, the operating system major version number identification layer and the operating system detailed version identification layer. Multiple decision trees are built; each tree is tested with its own out-of-bag estimate, and if the test accuracy is higher than the set accuracy threshold, the tree is added to the random forest. Local incremental training of the layered architecture and parameter adjustment are performed to improve model accuracy. For identification and prediction on real detection traffic, each tree in the random forest gives a classification result, equal voting is adopted, and the category with the most votes is selected as the final prediction result. The method can effectively identify unknown fingerprints and improve the accuracy of identification.
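The tree-admission and voting steps of the abstract, sketched as an added example (not code from the patent): each candidate tree is trained on a bootstrap sample, scored on its own out-of-bag rows, admitted only above the accuracy threshold, and the admitted trees vote equally. The TTL bins, the `window_bin` and `opt_flag` features, the rotating feature subsets and the toy rows are assumptions made for illustration, and the tree is a simplified C4.5-style gain-ratio tree without pruning.

```python
import math, random
from collections import Counter

def entropy(vals):
    return -sum(c / len(vals) * math.log2(c / len(vals)) for c in Counter(vals).values())

def bin_ttl(ttl):  # binning: observed TTL (lowered per hop) -> coarse bin
    return next((b for b in (32, 64, 128) if ttl <= b), 255)

def build_tree(rows, feats):  # rows are (f0, f1, ..., label) over binned features
    labels = [r[-1] for r in rows]
    majority = Counter(labels).most_common(1)[0][0]
    if len(set(labels)) == 1 or not feats:
        return majority
    def gain_ratio(f):  # C4.5 split criterion: information gain / split info
        split_info = entropy([r[f] for r in rows])
        rem = sum(n / len(rows) * entropy([r[-1] for r in rows if r[f] == v])
                  for v, n in Counter(r[f] for r in rows).items())
        return (entropy(labels) - rem) / split_info if split_info else 0.0
    best = max(feats, key=gain_ratio)
    kids = {v: build_tree([r for r in rows if r[best] == v],
                          [f for f in feats if f != best])
            for v in {r[best] for r in rows}}
    return (best, kids, majority)

def classify(tree, x):
    while isinstance(tree, tuple):
        feat, kids, majority = tree
        tree = kids.get(x[feat], majority)  # unseen bin: fall back to node majority
    return tree

def train_forest(rows, n_candidates, threshold, seed=1):
    rng, forest, n_feats = random.Random(seed), [], len(rows[0]) - 1
    for t in range(n_candidates):
        idx = [rng.randrange(len(rows)) for _ in rows]  # bootstrap sample
        oob = [rows[i] for i in set(range(len(rows))) - set(idx)]
        feats = [f for f in range(n_feats) if f != t % n_feats]  # rotated subset
        tree = build_tree([rows[i] for i in idx], feats)
        acc = sum(classify(tree, r) == r[-1] for r in oob) / max(len(oob), 1)
        if acc > threshold:  # admit only trees that pass their own OOB test
            forest.append((tree, acc))
    return forest

def predict(forest, x):  # equal voting: one vote per admitted tree
    return Counter(classify(t, x) for t, _ in forest).most_common(1)[0][0]

# Constructed toy rows, not real Nmap data: (ttl_bin, window_bin, opt_flag, os)
ROWS = [(bin_ttl(ttl - i % 20), win, i % 2, name) for i in range(100)
        for name, ttl, win in (("Linux", 64, "wA"), ("Windows", 128, "wA"), ("FreeBSD", 64, "wB"))]
```

Candidate trees that only see one discriminating feature plus the uninformative flag score about two thirds on their out-of-bag rows and are left out of the forest, so the vote is taken only among trees that separated all three classes.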

Description

Technical field

[0001] The invention belongs to the technical field of computers, and in particular relates to an operating system identification method based on a random forest.

Background technique

[0002] With the rapid popularization of the Internet, the importance of the network security field has become increasingly prominent. The detection and identification of the operating system is of great significance to the assessment and protection of network security, and it is also an important step in asset identification.

[0003] At present, most detection tools are based on a known operating system fingerprint library and judge using the traditional static fingerprint matching method, which has difficulty identifying unknown fingerprints. Introducing machine learning algorithms to further mine the sufficient and necessary conditions for fingerprints from features can effectively solve the problem of unknown fingerprint...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L12/26, H04L12/24, G06K9/62, H04L29/06
CPC: H04L43/10, H04L41/145, H04L41/147, H04L69/163, H04L69/164, H04L43/106, H04L43/0847, H04L41/142, G06F18/241, G06F18/214
Inventor: 范建存, 张子豪, 樊志甲, 李瀛
Owner: XI AN JIAOTONG UNIV