scholarly journals NetPlier: Probabilistic Network Protocol Reverse Engineering from Message Traces

2021 ◽  
Author(s):  
Yapeng Ye ◽  
Zhuo Zhang ◽  
Fei Wang ◽  
Xiangyu Zhang ◽  
Dongyan Xu
Keyword(s):  
Reverse Engineering ◽  
Network Protocol ◽  
Probabilistic Network ◽  
Protocol Reverse Engineering

An Automatic Network Protocol State Machine Inference Method in Protocol Reverse Engineering

2014 ◽  
Vol 513-517 ◽  
pp. 2496-2501
Author(s):  
Li Hua Zhao ◽  
Xue Jia Liang ◽  
Xiang Peng ◽  
Hua Feng Kong ◽  
Mei Zhen Wang
Keyword(s):  
Network Security ◽  
Reverse Engineering ◽  
Communication Protocol ◽  
State Machine ◽  
Important Application ◽  
Network Protocol ◽  
Extended Version ◽  
Inference Method ◽  
Mealy Automata ◽  
Protocol Reverse Engineering

To infer the network protocol state machine is very useful in network security-related contexts, both in research and management. This process follows an extension of the classic Angluins L* algorithm and has achieved an extended version of some Mealy automata to represent or model a communication protocol. The algorithm has been validated by inferring the protocol state machine from SMTPFTP protocol, and tested offline algorithms for the comparison experiments. The experimental results show that this method can more accurately identify the network protocol state machine and is of the important application value.

scholarly journals State of the art of network protocol reverse engineering tools

2017 ◽  
Vol 14 (1) ◽  
pp. 53-68 ◽  
Author(s):  
Julien Duchêne ◽  
Colas Le Guernic ◽  
Eric Alata ◽  
Vincent Nicomette ◽  
Mohamed Kaâniche
Keyword(s):  
Reverse Engineering ◽  
State Of The Art ◽  
Network Protocol ◽  
Protocol Reverse Engineering

scholarly journals A Survey of Automatic Protocol Reverse Engineering Approaches, Methods, and Tools on the Inputs and Outputs View

2018 ◽  
Vol 2018 ◽  
pp. 1-17 ◽  
Author(s):  
Baraka D. Sija ◽  
Young-Hoon Goo ◽  
Kyu-Seok Shim ◽  
Huru Hasanova ◽  
Myung-Sup Kim
Keyword(s):  
Reverse Engineering ◽  
Open Systems ◽  
Finite State Machines ◽  
Network Protocol ◽  
State Machines ◽  
Network Resources ◽  
Reverse Engineer ◽  
Open Systems Interconnection ◽  
Finite State ◽  
Protocol Reverse Engineering

A network protocol defines rules that control communications between two or more machines on the Internet, whereas Automatic Protocol Reverse Engineering (APRE) defines the way of extracting the structure of a network protocol without accessing its specifications. Enough knowledge on undocumented protocols is essential for security purposes, network policy implementation, and management of network resources. This paper reviews and analyzes a total of 39 approaches, methods, and tools towards Protocol Reverse Engineering (PRE) and classifies them into four divisions, approaches that reverse engineer protocol finite state machines, protocol formats, and both protocol finite state machines and protocol formats to approaches that focus directly on neither reverse engineering protocol formats nor protocol finite state machines. The efficiency of all approaches’ outputs based on their selected inputs is analyzed in general along with appropriate reverse engineering inputs format. Additionally, we present discussion and extended classification in terms of automated to manual approaches, known and novel categories of reverse engineered protocols, and a literature of reverse engineered protocols in relation to the seven layers’ OSI (Open Systems Interconnection) model.

Sign in / Sign up

Export Citation Format

Share Document