| 基于协议偏离的程序协议指纹提取与识别 |
| |
| 引用本文: | 李美剑,王勇军,解培岱,黄志坚.基于协议偏离的程序协议指纹提取与识别[J].计算机工程与科学,2015,37(4):682-691. |
| |
| 作者姓名: | 李美剑 王勇军 解培岱 黄志坚 |
| |
| 作者单位: | 国防科学技术大学计算机学院,湖南长沙,410073 |
| |
| 基金项目: | 教育部高等学校博士学科点专项科研基金资助项目(20124307110014) |
| |
| 摘 要: | 针对传统协议指纹提取技术耗时耗力,且无法提取与识别加密协议指纹问题,提出了一种基于协议偏离的程序协议指纹自动提取方法。协议偏离描述了协议各版本实现程序的网络行为差异,以动态二进制分析技术为支撑,分别从协议偏离会话流层面与偏离消息层面对协议特征进行提取。实验结果不仅验证了所提方法的可行性,还为提取与识别加密协议应用程序指纹提供了一条新思路。
|
| 关 键 词: | 协议偏离 协议逆向工程 协议指纹 协议特征 |
| 收稿时间: | 2013-11-01 |
| 修稿时间: | 2014-02-24 |
Extraction and recognition of protocol fingerprint
based on protocol deviation |
| |
| LI Mei-jian
,
WANG Yong-jun
,
XIE Pei-dai
,
HUANG Zhi-jian.Extraction and recognition of protocol fingerprint
based on protocol deviation[J].Computer Engineering & Science,2015,37(4):682-691. |
| |
| Authors: | LI Mei-jian WANG Yong-jun XIE Pei-dai HUANG Zhi-jian |
| |
| Affiliation: | (College of Computer,National University of Defense Technology,Changsha 410073,China) |
| |
| Abstract: | Since traditional protocol fingerprinting methods are usually time-consuming and cannot properly extract or recognize cryptographic protocols, we propose a novel protocol fingerprinting method based on protocol deviation. Protocol deviation describes the network behavior differentiations between different protocol implementations. Based on the dynamic binary analysis technology, the proposed method extracts protocol characteristics from the session stream level and the message level of protocol deviation. Experimental results show that the proposed method is not only feasible, but also provides a new idea for the fingerprinting of cryptographic protocol applications. |
| |
| Keywords: | protocol deviation protocol reverse engineering protocol fingerprint protocol signature |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与科学》浏览原始摘要信息 |
|
点击此处可从《计算机工程与科学》下载全文 |
|
