Reverse Engineering of Protocols from Network Traces

Authors: Joao Antunes, Nuno Neves, Paulo Verissimo

DOI: 10.1109/WCRE.2011.28

Abstract: Communication protocols determine how network components interact with each other. Therefore, the ability to derive a specification of a protocol can be useful in various contexts, such as to support deeper black-box testing or effective defense mechanisms. Unfortunately, it is often hard to obtain the specification because systems implement closed (i.e., undocumented) protocols, or because a time consuming translation has to be performed, from the textual description of the protocol to a format readable by the tools. To address these issues, we propose a new methodology to automatically infer a specification of a protocol from network traces, which generates automata for the protocol language and state machine. Since our solution only resorts to interaction samples of the protocol, it is well-suited to uncover the message formats and protocol states of closed protocols and also to automate most of the process of specifying open protocols. The approach was implemented in a tool and experimentally evaluated with publicly available FTP traces. Our results show that the inferred specification is a good approximation of the reference specification, exhibiting a high level of precision and recall.
