21,991 Hits in 3.5 sec

Automatic protocol field inference for deeper protocol understanding

Ignacio Bermudez, Alok Tongaonkar, Marios Iliofotou, Marco Mellia, Maurizio M. Munafo
2015 2015 IFIP Networking Conference (IFIP Networking)  
FieldHunter was able to extract security relevant fields and infer their nature for well documented network protocols (such as DNS and MSNP) as well as protocols for which the specifications are not publicly  ...  In this paper we present FieldHunter, which automatically extracts fields and infers their types; providing this much needed information to the security experts for keeping pace with the increasing rate  ...  Without his help we could not prove how useful is FieldHunter on identifying automatically fields for this very specific kind of applications such as malware.  ... 
doi:10.1109/ifipnetworking.2015.7145307 dblp:conf/networking/BermudezTIMM15 fatcat:3ju72vjgcnb4jcsjbj3tttobl4

State of the art of network protocol reverse engineering tools

Julien Duchêne, Colas Le Guernic, Eric Alata, Vincent Nicomette, Mohamed Kaâniche
2017 Journal in Computer Virology and Hacking Techniques  
These fuzzers can generate messages towards a component by relaxing some constraints on some message fields.  ...  Keywords Reverse engineering · Protocol inference · Data structure inference · Network trace analysis · Binary application analysis 1 Introduction Communication protocols allow several components to exchange  ...  ARGOS System call analysis for automatic classification and analysis of dynamically allocated structures in Linux kernel Help a human to understand and analyse how kernel structures are structured and  ... 
doi:10.1007/s11416-016-0289-8 fatcat:bybg6liixbbodekvt2tvrllffi

Prospex: Protocol Specification Extraction

Paolo Milani Comparetti, Gilbert Wondracek, Christopher Kruegel, Engin Kirda
2009 2009 30th IEEE Symposium on Security and Privacy  
In this paper, we focus on closing this gap by presenting a system that is capable of automatically inferring state machines.  ...  This greatly enhances the results of automatic protocol reverse engineering, while further reducing the need for human interaction.  ...  The authors would like to thank Michael Eddington and Hanifi Güneş for their work on Peach fuzzer.  ... 
doi:10.1109/sp.2009.14 dblp:conf/sp/ComparettiWKK09 fatcat:elbuwmpiurcrxccbf3eqvvab2y

Towards automatic protocol field inference

Ignacio Bermudez, Alok Tongaonkar, Marios Iliofotou, Marco Mellia, Maurizio M. Munafò
2016 Computer Communications  
In this paper, we present a system called FieldHunter, which automatically extracts fields and infers their types.  ...  FieldHunter was able to extract security relevant fields and infer their types for well documented network protocols (such as DNS and MSNP) as well as protocols for which the specifications are not publicly  ...  For instance, firewalls have moved from using simple packet-filtering rules to using application level rules that need deeper understanding of the protocols being used by network applications.  ... 
doi:10.1016/j.comcom.2016.02.015 fatcat:bllnei47jnbvzip66omtto7xcy

Inference and analysis of formal models of botnet command and control protocols

Chia Yuan Cho, Domagoj Babi ć, Eui Chul Richard Shin, Dawn Song
2010 Proceedings of the 17th ACM conference on Computer and communications security - CCS '10  
We also show that the computed protocol state machines enable formal analysis for botnet defense, including finding the weakest links in a protocol, uncovering protocol design flaws, inferring the existence  ...  Our proposed techniques enable an order of magnitude reduction in the number of queries and time needed to learn a botnet C&C protocol compared to classic algorithms (from days to hours for inferring the  ...  ACKNOWLEDGMENTS We would like to thank Greg Bronevetsky, Vern Paxson, Nishant Sinha, and the anonymous reviewers for insightful comments to improve this manuscript.  ... 
doi:10.1145/1866307.1866355 dblp:conf/ccs/ChocSS10 fatcat:sj4uh3bjfrdl3oeh4jlgk6ev3e

Protocol Specification Extraction based on Contiguous Sequential Pattern Algorithm

Young-Hoon Goo, Kyu-Seok Shim, Min-Seob Lee, Myung-Sup Kim
2019 IEEE Access  
Many protocols that occur under these situations are unknown and undocumented. For efficient network management and security, a deep understanding of these protocols is required.  ...  the field formats.  ...  Beside, we defined three types of formats which are field format, message format, and flow format for deeper understanding of an unknown protocol, and the proposed method extracts them as protocol syntax  ... 
doi:10.1109/access.2019.2905353 fatcat:pl46xwz56bb2vhtnf5rm2eecwi

Icefex: Protocol Format Extraction from IL-based Concolic Execution

2013 KSII Transactions on Internet and Information Systems  
In this paper, we propose a new approach for protocol format extraction.  ...  Our approach reasons about only the evaluation behavior of a program on the input message from concolic execution, and enables field identification and constraint inference with high accuracy.  ...  Both of them are critical for understanding or reconstructing messages of unknown protocols.  ... 
doi:10.3837/tiis.2013.03.010 fatcat:toydxna4gbbvtktm2nwq5gfmne

Automatic protocol reverse-engineering: Message format extraction and field semantics inference

Juan Caballero, Dawn Song
2013 Computer Networks  
Automatic protocol reverse-engineering techniques enable understanding undocumented protocols and are important for many security applications, including the analysis and defense against botnets.  ...  Understanding the command-and-control (C&C) protocol used by a botnet is crucial for anticipating its repertoire of nefarious activity.  ...  We also thank the anonymous reviewers for their insightful comments. This research was partially supported by the National Science  ... 
doi:10.1016/j.comnet.2012.08.003 fatcat:vcoamkohkjc5vhaa6bnmlg2l3i

Toward a closer integration of law and computer science

Christopher S. Yoo
2014 Communications of the ACM  
Mars The next logical step would be to embed the interaction between law and policy deeper into the fabric of both fields. For example, we could change the way we educate both engineers and lawyers.  ...  The myriad academic The next logical step would be to embed the interaction between law and policy deeper into the fabric of both fields. | vol. 57 | No. 1 | communIcaTIonS of The acm 33 More recent  ... 
doi:10.1145/2542503 fatcat:ffps2ut3czalzpzjnqtlpgzdva

Static Program Analysis as a Fuzzing Aid [chapter]

Bhargava Shastry, Markus Leutner, Tobias Fiebig, Kashyap Thimmaraju, Fabian Yamaguchi, Konrad Rieck, Stefan Schmid, Jean-Pierre Seifert, Anja Feldmann
2017 Lecture Notes in Computer Science  
Based on the insight that code patterns reflect the data format of inputs processed by a program, we automatically construct an input dictionary by statically analyzing program control and data flow.  ...  Our work not only provides a practical method to conduct security evaluations more effectively but also demonstrates that the synergy between program analysis and testing can be exploited for a better  ...  We would like to thank Julian Fietkau for helping customize the Peach fuzzer for our experiments.  ... 
doi:10.1007/978-3-319-66332-6_2 fatcat:wa7tt73lp5fpnjonsrokamrx4a

Reverse Engineering of Protocols from Network Traces

Joao Antunes, Nuno Neves, Paulo Verissimo
2011 2011 18th Working Conference on Reverse Engineering  
To address these issues, we propose a new methodology to automatically infer a specification of a protocol from network traces, which generates automata for the protocol language and state machine.  ...  Therefore, the ability to derive a specification of a protocol can be useful in various contexts, such as to support deeper black-box testing or effective defense mechanisms.  ...  It was only recently that the field of automatic inference of protocol specifications has seen some developments.  ... 
doi:10.1109/wcre.2011.28 dblp:conf/wcre/AntunesNV11 fatcat:67hamydjdbblhn6p2ua2gydf3i

The Role of Ontologies in Emergent Middleware: Supporting Interoperability in Complex Distributed Systems [chapter]

Gordon S. Blair, Amel Bennaceur, Nikolaos Georgantas, Paul Grace, Valérie Issarny, Vatsala Nundloll, Massimo Paolucci
2011 Lecture Notes in Computer Science  
In this paper, we postulate that emergent middleware is the right way forward; emergent middleware is a dynamically generated distributed system infrastructure for the current operating environment and  ...  For example, assume the incoming packet to be Broadcomm and the existing packet to be BBR. Fig. 7. Inferred Vehicular Ontology Field Matching.  ...  The requirements for MFRBroadcastPacket are the fields: CommonNeighbourNo and NeighbourList.  ... 
doi:10.1007/978-3-642-25821-3_21 fatcat:7dnhm5wuynaczptx6wslc25yja

SGPFuzzer: A State-Driven Smart Graybox Protocol Fuzzer for Network Protocol Implementations

Yingchao Yu, Zuoning Chen, Shuitao Gan, Xiaofeng Wang
2020 IEEE Access  
In this study, we first analyze and summarize some typical network protocol fuzzers to highlight the challenges when addressing stateful network protocol fuzzing.  ...  As one of the most widely used technologies in software testing, fuzzing technology has been applied to network protocol vulnerability detection, and various network protocol fuzzers have been proposed  ...  Consequently, they are ineffective at finding deeper bugs in network protocol implementations. B.  ... 
doi:10.1109/access.2020.3025037 fatcat:77anseyuv5dthc46aytphitqtu

Automatic knowledge acquisition from medical texts

U Hahn, K Schnattinger, M Romacker
1996 Proceedings : a conference of the American Medical Informatics Association. AMIA Fall Symposium  
An approach to knowledge-based understanding of realistic texts from the medical domain (viz. findings of gastro-intestinal diseases) is presented.  ...  The substrate of automatic knowledge acquisition are text knowledge bases generated by the parser from medical narratives, which represent major portions of the content of these documents.  ...  Schulz from the Department of Medical Informatics at Freiburg University for fruitful discussions. We also gratefully acknowledge the provision of the LOOM system from USC/ISI.  ... 
pmid:8947693 pmcid:PMC2232954 fatcat:trfwa2b4tvdizgwg4xhmpxop3a

Exploring the Listening Processes of Pre-university ESL Students

Suchithra Nair, Yew Li Koo, Kesumawati Abu Bakar
2014 Procedia - Social and Behavioral Sciences  
A procedure that incorporated the verbal channel for gathering think-aloud protocols was developed to suit the respondents' language ability.  ...  Their verbal protocols were audio taped and their behavioural responses observed by the researcher.  ...  A deeper understanding of how learners process a listening task is necessary to shed light on how listening instruction can be designed to facilitate learning.  ... 
doi:10.1016/j.sbspro.2014.02.065 fatcat:g62h6eocozf2dab6vqkjq4nmr4
« Previous Showing results 1 — 15 out of 21,991 results