Since the introduction of networking protocols for Low-power and Lossy Networks (LLN), many implementations have been created in the form of (real-time) Operating Systems (OS), simplifying their usage and making the technology more widely available. The low cost and low complexit
...
Since the introduction of networking protocols for Low-power and Lossy Networks (LLN), many implementations have been created in the form of (real-time) Operating Systems (OS), simplifying their usage and making the technology more widely available. The low cost and low complexity of LLNs allow for large-scaled wireless sensor deployments, making it infeasible to frequently renew the deployed hardware. In addition to this, the low processing and memory requirements of the hardware increase the difficulty of patching their software or adding new security features to it, making them useful targets for hackers. The knowledge of what OS is running on a device is valuable, as each OS will have their own set of security issues and mitigation methods. We investigate the possibilities of OS fingerprinting in the LLN space by simulating networks of devices running a variety of OSes. Focusing specifically on the RPL routing protocol, we build a classifier based on packet headers and communication meta-data, able to differentiate between the investigated OSes. From the results, we illustrate the feasibility of OS fingerprinting based on RPL control frame header contents.