Abstract
As networks have grown more complex, protocol reverse engineering has attracted increasing attention and is widely applied in intrusion detection, vulnerability discovery, and electronic countermeasures. To separate binary data frames captured in complex wireless network environments, as a prerequisite for subsequent protocol reverse analysis, a cluster system for complex protocol suites was implemented. First, the AC algorithm was used to mine frequent sequence characteristics in the binary data frames. Then the Apriori algorithm was employed, in a novel way, to analyze the association relationships between these characteristics. In addition, the results were refined by four-step pruning based on the features of binary frames. Finally, the selected characteristics were used for clustering with an improved K-means algorithm. The results indicate that the system clusters binary protocol data frames well. Moreover, for multilayer protocol suites with TYPE fields, the system can further distinguish the hierarchical relations between multiple protocols.
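The pipeline the abstract outlines (frequent-sequence mining, Apriori association, K-means clustering) can be sketched as follows; this is an added example, not the paper's implementation. It assumes positional byte 2-grams counted directly instead of the AC algorithm, runs only the pair level of Apriori, omits the four-step pruning, and uses plain K-means with deterministic seeding on constructed frames.

```python
from collections import Counter
from itertools import combinations

# Constructed frames for two made-up binary protocols (not data from the paper).
FRAMES = [bytes.fromhex(h) for h in (
    "aa5501001122", "aa5501003344", "aa55010a5566",
    "7e10ff020102", "7e10ff02a1b2", "7e10ff02c3d4")]

def features_of(frame, n=2):
    """Positional byte n-grams (offset, bytes) found in one frame."""
    return {(i, frame[i:i + n]) for i in range(len(frame) - n + 1)}

def frequent_features(frames, min_support=0.5):
    """Step 1: n-grams that occur in at least min_support of all frames."""
    counts = Counter(f for fr in frames for f in features_of(fr))
    return sorted(f for f, c in counts.items() if c / len(frames) >= min_support)

def associated_pairs(frames, feats, min_support=0.5):
    """Step 2 (Apriori, pair level): frequent features that co-occur often."""
    counts = Counter()
    for fr in frames:
        present = sorted(features_of(fr) & set(feats))
        counts.update(combinations(present, 2))
    return sorted(p for p, c in counts.items() if c / len(frames) >= min_support)

def dist(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b))

def kmeans(vectors, k, rounds=10):
    """Step 3: Lloyd's K-means, seeded with the first and farthest vectors."""
    centers = [list(vectors[0])]
    while len(centers) < k:
        centers.append(list(max(vectors, key=lambda v: min(dist(v, c) for c in centers))))
    for _ in range(rounds):
        labels = [min(range(k), key=lambda j: dist(v, centers[j])) for v in vectors]
        for j in range(k):
            members = [v for v, l in zip(vectors, labels) if l == j]
            if members:
                centers[j] = [sum(col) / len(members) for col in zip(*members)]
    return labels

def cluster_frames(frames, k=2):
    feats = frequent_features(frames)
    vectors = [[int(f in features_of(fr)) for f in feats] for fr in frames]
    return feats, associated_pairs(frames, feats), kmeans(vectors, k)

if __name__ == "__main__":
    print(cluster_frames(FRAMES))
```

The shared header bytes of each constructed protocol become the frequent features, and frames are grouped by which of those features they contain.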
Acknowledgments
This research is supported by the development of the science and technology foundation of China Academy of Engineering Physics (2012A0403021), NSAF Joint Fund (Project No. U1230106) and the national information security development plan (2013F098).
Cite this article
Zheng, J. Research on a cluster system for binary data frames of wireless sensor network. Cluster Comput 19, 783–791 (2016). https://doi.org/10.1007/s10586-016-0559-8
DOI: https://doi.org/10.1007/s10586-016-0559-8