计算机应用研究2017,Vol.34Issue(12):3779-3783,5.DOI:10.3969/j.issn.1001-3695.2017.12.059
基于HMM的私有协议自主学习方法
Automated private protocol learning method based on HMM
摘要
Abstract
For private protocol is widely used in industrial control network in recent years,it takes many problems for safety research.This paper proposed private protocol autonomous learning method based on hidden Markov models (HMM).This method got packet structure of finite state machine model through network traces.Against disadvantages of Baum-Welch algorithm,it designed the CAPP algorithm based on the causal-state splitting reconstruction (CSSR) algorithm to get the ε-machine of private protocol message formats,to avoid the local optimum and the problem of parameter selection on account of the lack of prior knowledge.And through the test on public protocol FTP,Modbus TCP and private protocol WDB RPC to prove the validity of the method.The next step research direction were also discussed.关键词
私有协议/隐马尔可夫模型/ε机/因果态分割重建Key words
private protocol/HMM/e-machine/CSSR分类
信息技术与安全科学引用本文复制引用
付光远,刘津霖,李海龙..基于HMM的私有协议自主学习方法[J].计算机应用研究,2017,34(12):3779-3783,5.基金项目
国家自然科学基金青年基金资助项目(61403397) (61403397)
陕西省自然科学基础研究计划资助项目(2015JM6313) (2015JM6313)
