• 不 限
  • 期刊论文
  • 硕博论文
  • 会议论文
  • 报 纸
  • 英文论文
  2. 您的位置
  3. 首页
  4. 会议论文
  5. A Framework for Inferring Unknown Protocol Formats from Binary Network Traces

A Framework for Inferring Unknown Protocol Formats from Binary Network Traces

来源 :2014年国际计算机科学与软件工程学术会议 | 被引量 : 0次 | 上传用户:youngw258
【摘 要】
As many network applications attackers may utilize the protocol vulnerabilities for spreading malicious codes,or exploit some unknown protocols to transfer data secretly.The techniques of inferring pr
【作 者】
Yuan LIU Chun-Rui ZHANG Fan-Zhi MENG Tong LI Yang YUE 
【机 构】
Institute of Computer Application,China Academy of Engineering Physics,Mianyang,China
【出 处】
2014年国际计算机科学与软件工程学术会议
【发表日期】
2014年12期
【关键词】
Protocol Formats Inference Binary Protocol Network Traces 
下载到本地 , 更方便阅读
下载此文 赞助VIP
声明 : 本文档内容版权归属内容提供方 , 如果您对本文有版权争议 , 可与客服联系进行内容授权或下架
论文部分内容阅读
  As many network applications attackers may utilize the protocol vulnerabilities for spreading malicious codes,or exploit some unknown protocols to transfer data secretly.The techniques of inferring protocol formats are helpful to detect such attacks and analysis these unknown protocols.A protocol format inference framework is proposed in this paper,which can automatically inferring protocol formats from binary network traces.It firstly transforms the binary unknown protocol packets into hex messages; the units of keywords are extracted and then spliced into keywords.K-Means based algorithm is adopted to cluster messages according to the keywords distribution,and Needleman Wunsch algorithm is used to merge clusters of same format and to extract the same fields.The framework is tested by extracting formats of ARP and SMTP protocols,and the experiment results indicate its validity.
其他文献
Algorithm Research of Intelligent Honeynet System Network Security
To solve the problem of intelligent capacity of disguise for Honeynet,this paper proposes an intelligent algorithm of dynamic deploying for Honeynet-evolution study.The algorithm based on positive def
会议
Honeynet systemIntelligent dynamic deploymentEvolutionary learning algorithm
The System Design of Target Movement Simulation System Based on Auto-disturbance Rejection Controlle
This research focuses on the design and debugging for a control system—Target Movement Simulation System.In order to acquire high performance of turntable in condition of time-variety load,ADRC (Activ
会议
Angular Displacement SimulatorActive Disturbance Rejection ControllerVariable
Simulation Analysis on Water Impact Load of Aircraft Model with Different Materials
Finite element model of an amphibious aircraft is built by using MSC.Patran software and the aircraft water landing is simulated by MSC.Dytran.The emphasis of the simulation is to determine that the d
会议
Amphibious AircraftWater ImpactMSC.DytranMaterialRigidElastic-Plastic
Experimental Study and Motion Simulation of Biomass Particle on Fluidized Suspension Bed
In this paper,a new experimental device is designed.The corn cob and rice husk are carried out separately on a separate and mixed flow of fluid.Using FLUENT software,the gas-solid movement of the part
会议
BiomassSuspensionFluidizationFluidization Characteristics
Optimization for Rectangle Packing Problem Based on Heuristic Strategy
Put forward a method for rectangle layout problems by rectangle NFP in packing space,aiming to rectangle only keep on single original pose in NFP calculating,take heuristic strategy namely rotating 90
会议
Rectangle Packing ProblemRectangle NFPHeuristic StrategyRectangle RotationUt
Spatial Distribution Pattern of Flue-Cured Tobacco Aroma Types Using BP Neural Network
In China,aroma types of flue-cured tobacco were divided into light,medium,and heavy.However,evaluation of flue-cured tobacco aroma types using chemical compositions in a quantitative way at national s
会议
Aroma TypeChemical CompositionSpatial Distribution
Research on Pressure Control System of Pressurizer in the Pressurized Water Reactor Nuclear Power Pl
PID controller is the most widely used controller.The parameters of traditional PID controller are fixed,and the scope of adapting is limited.In this paper,the RBF neural network controller is used to
会议
RBF neural networkPID controllerPressure control
Application of Fuzzy Clustering Iterative Model to the Human Scale of China's Provincial Govern
At present,the quantitative analysis and empirical research of Chinese academia on government population scale was limited to two basic perspectives,the vertical and horizontal.Quantitative study of t
会议
Fuzzy clustering iterativeHuman scaleFeatures of classification
Detecting Overlapping Community Structure via an Improved Spread Algorithm Based on PCA
Community structure is an important property to uncover structural and functional features in various complex systems.In this paper,we propose an improved spread algorithm based on Principal Component
会议
Community detectionSpectral AnalysisPCA
A Test Case Selection Method to Support Fault Localization
Fault localization techniques are promising in reducing debugging efforts.To effectively locate faults,many fault localization techniques require a large number of test cases whose execution results a
会议
Test Case SelectionTestingDebuggingFault Localization