Identification of Delimiter and Static Field in Protocol Reverse Engineering Using Statistic Analysis

Min-Seob Lee; Kyu-Seok Shim; Young-Hoon Goo; Ui-Jun Baek; Byeong-Min Chae; Ho-Won Moon; Myung-Sup Kim

Identification of Delimiter and Static Field in Protocol Reverse Engineering Using Statistic Analysis

Vol. 44, No. 5, pp. 904-913, May 2019

10.7840/kics.2019.44.5.904

PDF

Abstract

Today’s network environment has become faster and larger, and as a result, the individual network environment is changing to an environment where the world is connected to a single network. Thus, the various and complicated communications are being made and specific communications are using a private protocol. These private protocols are generally unused and close, and the protocol specifications are not documented. If the private protocol is not used for malicious behavior, it is not a problem for the network security. However, the private protocol used for malicious behavior is difficult to detect or deal with malicious behavior because the specification of the protocol is unknown To solve these problems, many studies related to protocol reverse engineering for extracting specifications of a private protocol have been conducted. In this paper, we propose a method to explicitly extract fields based on statistical analysis for extracting protocol message format and flow format.

Statistics

Cumulative Counts from November, 2022
Multiple requests among the same browser session are counted as one view. If you mouse over a chart, the values of data points will be shown.

Cite this article

[IEEE Style]

M. Lee, K. Shim, Y. Goo, U. Baek, B. Chae, H. Moon, M. Kim, "Identification of Delimiter and Static Field in Protocol Reverse Engineering Using Statistic Analysis," The Journal of Korean Institute of Communications and Information Sciences, vol. 44, no. 5, pp. 904-913, 2019. DOI: 10.7840/kics.2019.44.5.904.

[ACM Style]

Min-Seob Lee, Kyu-Seok Shim, Young-Hoon Goo, Ui-Jun Baek, Byeong-Min Chae, Ho-Won Moon, and Myung-Sup Kim. 2019. Identification of Delimiter and Static Field in Protocol Reverse Engineering Using Statistic Analysis. The Journal of Korean Institute of Communications and Information Sciences, 44, 5, (2019), 904-913. DOI: 10.7840/kics.2019.44.5.904.

[KICS Style]

Min-Seob Lee, Kyu-Seok Shim, Young-Hoon Goo, Ui-Jun Baek, Byeong-Min Chae, Ho-Won Moon, Myung-Sup Kim, "Identification of Delimiter and Static Field in Protocol Reverse Engineering Using Statistic Analysis," The Journal of Korean Institute of Communications and Information Sciences, vol. 44, no. 5, pp. 904-913, 5. 2019. (https://doi.org/10.7840/kics.2019.44.5.904)

Identification of Delimiter and Static Field in Protocol Reverse Engineering Using Statistic Analysis

Submenu

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

Recent Publications
(LAST 3 YEARS)

Identification of Delimiter and Static Field in Protocol Reverse Engineering Using Statistic Analysis

Submenu

Search (IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS(TOP 10 KEYWORDS)

Recent Publications(LAST 3 YEARS)

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)