Abstract:
The emergence of high-speed Internet and ubiquitous computing environments is generating massive traffic, and it has led to a rapid increase in applications and malicious behaviors with various functions. Many of the complex and diverse protocols that arise in these situations are unknown or proprietary protocols that are poorly documented. For efficient network management and network security, protocol reverse engineering, which extracts the specification of a protocol, is very important. While various protocol reverse engineering methods have been studied, there is not yet a single standardized method that extracts a protocol specification completely, and each method has some limitations. In this paper, we propose a framework for precise protocol reverse engineering based on network traces. The proposed framework can extract highly elaborate and intuitive message formats, flow formats, and the protocol state machine of an unknown protocol. We demonstrate the validity of our framework through an example using the HTTP protocol.
Date of Conference: 23-27 April 2018
Date Added to IEEE Xplore: 09 July 2018
ISBN Information:
Electronic ISSN: 2374-9709