通信学报Issue(10):162-173,12.DOI:10.3969/j.issn.1000-436x.2013.10.019
语义层次的协议格式提取方法
Protocol format extraction at semantic level
摘要
Abstract
Present methods for protocol format extraction analyze the execution traces of programs at syntax level, which leads to redundancy and conflict in the results of field identification. In order to improve the accuracy of field identifica-tion, a semantic level method was proposed for protocol format extraction. The method firstly translated the binary in-structions into equivalent intermediate language, and then tracked the parsing process of field semantics through fine-grained dynamic taint analysis. Further, it extracted protocol format using semantic level policies of field identifica-tion, based on the semantic indivisibility of fields. Experimental results show that the proposed method can achieve high identification accuracy with low complexity.关键词
协议逆向工程/协议格式提取/动态污点分析/中间语言Key words
protocol reverse engineering/protocol format extraction/dynamic taint analysis/intermediate language分类
信息技术与安全科学引用本文复制引用
潘璠,洪征,周振吉,吴礼发..语义层次的协议格式提取方法[J].通信学报,2013,(10):162-173,12.基金项目
国家自然科学基金资助项目(61070173);江苏省自然科学基金资助项目(BK2011115);军用网络技术实验室创新开放基金资助项目Foundation Items:The National Natural Science Foundation of China (61070173) (61070173)
The Natural Science Foundation of Jiangsu Province (BK 2011115) (BK 2011115)
The Opening Foundation of Laboratory of Military Network Technology ()
