“Building an Automaton Towards Protocol Reverse Engineering”

From Navigators

Revision as of 14:41, 14 January 2013 by Jcraveiro (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

João Antunes, Nuno Ferreira Neves

in Simpósio de Informática Inforum 2009, Sept. 2009.

Abstract: The communication between computer systems is dictated by network protocols, which determine how the network components interact with each other. Knowing the specification of a network protocol can greatly improve the security and dependability of both the design of the protocol and the applications implementing it. The specification can be used, for example, to verify if the application's implementation is correct and in accordance, or even to aid in the creation of specific firewall rules or IDS filters to block messages that do not comply with the defined standard. However, the protocol specification is not always available, which makes assessing the correctness and security of such protocols difficult. Protocol reverse engineering has been used to overcome this problem, by deducing the specification of closed protocols from their utilization alone and without any assumption about their structure or operation. In this paper, we present two different approaches, based on sequence alignment techniques, to build an automaton of a network protocol from network traces.

Download paper

Download Building an Automaton Towards Protocol Reverse Engineering

Export citation

BibTeX

Project(s):

Research line(s): Fault And Intrusion Tolerance in Open Distributed Systems (FIT)

Personal tools
Navigators toolbox