Inferring protocol state machine from real-world trace

Abstract

Application-level protocol specifications are helpful for network security management, including intrusion detection, intrusion prevention and detecting malicious code. However, current methods for obtaining unknown protocol specifications rely heavily on manual operations, such as reverse engineering. This poster provides a novel insight into inferring a protocol state machine from the real-world trace of an application. The chief feature of our method is that it has no a priori knowledge of the protocol format, and our technique is based on the statistical nature of the protocol specifications. We evaluate our approach with text and binary protocols, and our experimental results demonstrate that our proposed method performs well in practice. © 2010 Springer-Verlag.

Wang, Y., Zhang, Z., & Guo, L. (2010). Inferring protocol state machine from real-world trace. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6307 LNCS, pp. 498–499). Springer Verlag. https://doi.org/10.1007/978-3-642-15512-3_32
