Two-Pathway Model for Enhancement of Protocol Reverse Engineering
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Goo, Young-Hoon | - |
dc.contributor.author | Shim, Kyu-Seok | - |
dc.contributor.author | Baek, Ui-Jun | - |
dc.contributor.author | Kim, Myung-Sup | - |
dc.date.accessioned | 2021-08-30T07:16:54Z | - |
dc.date.available | 2021-08-30T07:16:54Z | - |
dc.date.created | 2021-06-18 | - |
dc.date.issued | 2020-11-30 | - |
dc.identifier.issn | 1976-7277 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/51437 | - |
dc.description.abstract | With the continuous emergence of new applications and cyberattacks and their frequent updates, the need for automatic protocol reverse engineering is gaining recognition. Although several methods for automatic protocol reverse engineering have been proposed, each method still faces major limitations in extracting clear specifications and in its universal application. In order to overcome such limitations, we propose an automatic protocol reverse engineering method using a two-pathway model based on a contiguous sequential pattern (CSP) algorithm. By using this model, the method can infer both command-oriented protocols and non-command-oriented protocols clearly and in detail. The proposed method infers all the key elements of the protocol, which are syntax, semantics, and finite state machine (FSM), and extracts clear syntax by defining fine-grained field types and three types of format: field format, message format, and flow format. We evaluated the efficacy of the proposed method over two non-command-oriented protocols and three command-oriented protocols: the former are HTTP and DNS, and the latter are FTP, SMTP, and POP3. The experimental results show that this method can reverse engineer with high coverage and correctness rates, more than 98.5% and 99.1% respectively, and be general for both command-oriented and non-command-oriented protocols. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | KSII-KOR SOC INTERNET INFORMATION | - |
dc.title | Two-Pathway Model for Enhancement of Protocol Reverse Engineering | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Kim, Myung-Sup | - |
dc.identifier.doi | 10.3837/tiis.2020.11.004 | - |
dc.identifier.scopusid | 2-s2.0-85097010830 | - |
dc.identifier.wosid | 000595864500004 | - |
dc.identifier.bibliographicCitation | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, v.14, no.11, pp.4310 - 4330 | - |
dc.relation.isPartOf | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS | - |
dc.citation.title | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS | - |
dc.citation.volume | 14 | - |
dc.citation.number | 11 | - |
dc.citation.startPage | 4310 | - |
dc.citation.endPage | 4330 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.identifier.kciid | ART002652625 | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.description.journalRegisteredClass | kci | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.subject.keywordAuthor | Protocol reverse engineering | - |
dc.subject.keywordAuthor | network security | - |
dc.subject.keywordAuthor | two-pathway model | - |
dc.subject.keywordAuthor | contiguous sequential pattern algorithm | - |
dc.subject.keywordAuthor | command-oriented protocols | - |