A Format Reverse Method for Binary Protocol From Communication Data
- DOI
- 10.2991/icmmita-15.2015.137
- Keywords
- protocol format reverse; HMM; multiple sequence alignment; feature analysis
- Abstract
Reversing protocol formats from communication data has played an important role in the fields of network security and information countermeasures. This paper proposes a format reverse analysis method for binary communication protocols, based on probability alignment and differential analysis of statistics. The method takes a data set of protocol frames as its analysis object. It first aligns the corresponding fields in the protocol frames accurately using a probability alignment algorithm, then identifies the boundaries between adjacent fields in the frame according to the differing features of various statistics, and finally reverses the communication protocol format specification. The experimental results show that the method can effectively identify the format specification of a binary communication protocol and the semantics specification of some fields in the protocol frame format.
- Copyright
- © 2015, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF
AU - Fanzhi Meng
AU - Yuan Liu
AU - Chunrui Zhang
AU - Dong Liu
PY - 2015/11
DA - 2015/11
TI - A Format Reverse Method for Binary Protocol From Communication Data
BT - Proceedings of the 2015 3rd International Conference on Machinery, Materials and Information Technology Applications
PB - Atlantis Press
SP - 718
EP - 724
SN - 2352-538X
UR - https://doi.org/10.2991/icmmita-15.2015.137
DO - 10.2991/icmmita-15.2015.137
ID - Meng2015/11
ER -