《计算机应用研究》|Application Research of Computers

自动协议逆向工程研究综述

Review of research on automatic protocol reverse engineering

免费全文下载 (已被下载 次)  
获取PDF全文
作者 王晓晨,沈晶,刘海波,于爱民,蔡利君
机构 1.哈尔滨工程大学 计算机科学与技术学院,哈尔滨 150001;2.中国科学院信息工程研究所,北京 100093
统计 摘要被查看 次,已被下载
文章编号 1001-3695(2020)09-001-2561-10
DOI 10.19734/j.issn.1001-3695.2019.04.0104
摘要 全面梳理了该领域国内外相关文献,归纳分析了自动协议逆向工程的研究现状和发展趋势。为了更清晰地刻画不同方法的特点和比较异同,提出一种基于协议逆向工程输出结果的分类方法,将协议逆向方法分为侧重于协议格式提取、侧重于协议状态机推断、侧重于完整协议规范描述、侧重于其他输出结果四类,并据此进行分析和比较。基于目前的进展情况和进一步的问题剖析发现,复杂交互场景分析、链路层协议逆向、加密协议分析以及协议状态机优化等应作为自动协议逆向工程领域下一步的重点研究方向。
关键词 协议逆向工程; 自动机学习; 协议格式提取; 状态机推断
基金项目 国家重点研发计划项目(2017YFC0820700)
黑龙江省自然科学基金项目(F2018011)
中央高校基本科研业务费专项资金项目(HEUCFP201808,HEUCFP201838)
本文URL http://www.arocmag.com/article/01-2020-09-001.html
英文标题 Review of research on automatic protocol reverse engineering
作者英文名 Wang Xiaochen, Shen Jing, Liu Haibo, Yu Aimin, Cai Lijun
机构英文名 1.College of Computer Science & Technology,Harbin Engineering University,Harbin 150001,China;2.Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China
英文摘要 This paper comprehensively combed relevant literatures at home and abroad in this field, and summarized the research status and development trend of automatic protocol reverse engineering. In order to more clearly depict the characteristics of the different methods and compare similarities and differences, this paper proposed a classification method based on the reverse engineering output of the protocol, divided the protocol reverse method into four categories, namely, focusing on protocol format extraction, focusing on protocol state machine inference, focusing on complete protocol specification description, focusing on other output results, and made analysis and comparison based on the above. Based on current progress and further analysis of the problem, it found that complex interaction scenario analysis, link layer protocol reverse, encryption protocol analysis and protocol state machine optimization should be the next important research direction in the field of automatic protocol reverse engineering.
英文关键词 protocol reverse engineering(PRE); automaton learning; protocol format extraction; state machine inference
参考文献 查看稿件参考文献
 
收稿日期 2019/4/11
修回日期 2019/6/11
页码 2561-2570,2585
中图分类号 TP393.04
文献标志码 A