GSoC IPv6 Machine Learning

[João Godinho <joao.f.godinho () ist utl pt>]

Good evening,

I'm interested in applying for GSoC, specifically for the Machine 
Learning IPv6 OS detection and I was wondering if I can get more 
information about the task at hand, as well as share my thoughts on it.

The way IPv6 OS detection is implemented (as seen in 
https://nmap.org/book/osdetect-guess.html#osdetect-guess-ipv6) seems 
pretty straightforward, but I haven't seen information on how well the 
model fits the data, is there any information relative to this?
About the data itself, how large is the current set? Is it easy to 
generate new data? How were the features selected? This might be a good 
starting point for the project itself.
I believe that after having a good dataset, throwing something like a 
random forest at the data could give some good insights, some 
preliminary results could be obtained, as well as how relevant are the 
features and maybe reiterate their selection.
With the previous knowledge, test some common classifiers and integrate 
the result into nmap.

To summarize: data validation; test classifiers; nmap integration.

The previous is my opinion and what I'd like to do on such project, I'd 
like to hear what the devs have to say about this and their opinion.
I'd also like to point out that I'm no ML expert, there're probably 
easier and/or better ways to approach this. My knowledge on the subject 
is based on what I've learned so far in my MSc (Information Systems and 
Computer Engineering), in which I'm specializing in cyber-security and 
intelligent systems.


Best regards,
--
#70577
João Godinho
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/