Inferring protocol state machine from network traces: a probabilistic approach

Authors: Yipeng Wang, Zhibin Zhang, Danfeng Yao, Buyun Qu, Li Guo

DOI: 10.1007/978-3-642-21554-4_1

Abstract: Application-level protocol specifications (i.e., how a protocol should behave) are helpful for network security management, including intrusion detection and intrusion prevention. The knowledge of protocol specifications is also an effective way of detecting malicious code. However, current methods for obtaining unknown protocol specifications rely heavily on manual operations, such as reverse engineering, which is a major instrument for extracting application-level specifications but is time-consuming and laborious. Several works have …
