中文摘要：

针对传统Web服务识别方法对服务器软件实现差异依赖性强、不利于扩展到其他终端设备等缺陷,提出了一种网络空间终端设备双重因素主动识别框架.该框架从服务标识（Banner）和Web指纹两个角度分析终端设备网络指纹特征.首先,从HTTP数据包头部的＂Server＂字段、＂WWW-Authenticate＂字段及HTML源代码中深入挖掘终端设备Web服务中的Banner信息;其次,从图片文件和文本文件中提取终端设备具有的Web指纹特征;同时,结合具体案例分析各识别方法的有效性及优缺点.结果表明,该框架解决了传统识别方法中Banner信息获取途径单一、依赖服务器软件差异特征的问题,成功将Web服务识别方法扩展到了网络空间终端设备上.最后,总结已有成果并探讨该框架未来改进方向.

英文摘要：

Since the traditional web service identification methods are highly depended on the differences of server software implementation, unfavorable to expand to other terminal devices, a kind of proactive identification framework with double factors for cyberspace terminal device is proposed. The framework analyzed the network fingerprint characteristics of terminal device from perspectives of banner and web fingerprint. Firstly, banner information of web service in terminal device is mined from ＂Server＂ field and ＂WWW-Authenticate＂ field and HTML source code in HTTP packet header; secondly, web fingerprint of terminal device wasis extracted from image files and text files; meanwhile, it analyzes the effectiveness as well as advantages and disadvantages according to the specific cases. The results show that the framework solves the problems of extracting banner information simply and being limited by the differences of server software implementation in traditional identification methods. Finally, it summarizes research results and discusses future improvements of the framework.