Real-time object-oriented modeling
Real-time object-oriented modeling
QUARK: Empirical Assessment of Automaton-based Specification Miners
WCRE '06 Proceedings of the 13th Working Conference on Reverse Engineering
binpac: a yacc for writing application protocol parsers
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Tupni: automatic reverse engineering of input formats
Proceedings of the 15th ACM conference on Computer and communications security
Prospex: Protocol Specification Extraction
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Dispatcher: enabling active botnet infiltration using automatic protocol reverse-engineering
Proceedings of the 16th ACM conference on Computer and communications security
Mining message sequence graphs
Proceedings of the 33rd International Conference on Software Engineering
Inferring protocol state machine from network traces: a probabilistic approach
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
PrefixTreeESpan: a pattern growth algorithm for mining embedded subtrees
WISE'06 Proceedings of the 7th international conference on Web Information Systems
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Hi-index | 0.00 |
The reverse extraction of the protocol model from a network application is performed to understand network behaviour and detect vulnerabilities. In this paper, we propose a framework that automatically extracts the described formal protocol model using a state machine. The proposed system, which is based on a dynamic binary analysis technique, is suited to the reverse analysis of network applications implemented with closed and encrypted protocols. We evaluate the technique by conducting experiments on the extracting protocol models from two secure socket layer implementation programs to demonstrate the strength of this technique. The results show that the proposed approach can produce a corresponding approximate protocol model from network applications. However, exhibiting high practice in the aspect of network behaviour analysis does not make sense for real-world applications.