期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种基于状态融合的协议状态机推断方法 被引量:3

Method of protocol state machine inference based on state merging
下载PDF
导出
摘要 针对现有协议状态机推断方法忽视协议系统输入输出报文之间的内在关系,导致自动化程度较低等问题,提出一种基于状态融合的协议状态机推断方法。首先采集会话样本,将会话过程的输入输出报文序列抽象为符号序列;然后采用扩展前缀树转换器(EPTT)构建初始状态机,通过各状态对相同输入符号序列的状态转换和输出响应评判其相似度,依据相似度的高低搜寻候选状态对并尝试对其融合,同时有针对性地构造测试用例以验证此次融合的正确性。上述流程反复执行,直到没有可融合的状态。结果表明,该方法自动化程度较高,推断出的结果与真实协议状态机高度吻合。 The existing protocol state machine inference methods ignore the relationship of input and output messages and are not automated. A method of protocol state machine inference based on state merging was put forward. Firstly, session samples were collected, and the input and output messages of session were abstracted into symbol sequences. Then the extended prefix tree transducer (EPTT) was used to build the initial state machine, and the similarity of all states evaluated according to the state transition and output responses. The candidate states for merger were determined based on the level of state similarity. Mean-while, test cases were generated to prove the validity of this merger and these processes repeated until there are no states that can be merged. Experimental results show that the method can infer highly accu- rate protocol state machine automatically.
作者 王辰 吴礼发 洪征 赖海光 庄洪林
机构地区 解放军理工大学指挥信息系统学院
出处 《解放军理工大学学报(自然科学版)》 EI 北大核心 2015年第4期322-329,共8页 Journal of PLA University of Science and Technology(Natural Science Edition)
基金 江苏省自然科学基金资助项目(BK2011115 BK20131069)
关键词 状态融合 协议状态机 推断方法 state merging protocol state machine~ method of inference
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献23

二级参考文献96

  • 1吴鹏,施小纯,唐江峻,林惠民,陈宗岳.关于蜕变测试和特殊用例测试的实例研究(英文)[J].软件学报,2005,16(7):1210-1220. 被引量:12
  • 2胡振宇,刘在强,苏璞睿,冯登国.基于协议分析的IM阻断策略及算法分析[J].电子学报,2005,33(10):1830-1834. 被引量:5
  • 3刘立芳,霍红卫,王宝树.PHGA-COFFEE:多序列比对问题的并行混合遗传算法求解[J].计算机学报,2006,29(5):727-733. 被引量:11
  • 4Borisov N, Brumley D, Wang H J, et al.A generic applica- tion-level protocol analyzer and its language[C]//Proceedings of the 14th Anuual Network & Distributed System Security Sym- posium, NDSS, 2007. 被引量:1
  • 5Pang R, Paxson V, Somer R, et al.Binpac: A YACC for writing application protocol parzers[C]//Proceedings of the 2006 Inter- net Measurement Conference,2006. 被引量:1
  • 6Dreger H, Feldmann A, Mai M, et al.Dynamic application-layer protocol analysis for network intrusion detection[C]//-tSSENIX Security Symposium, Vancouver, Canada, 2006. 被引量:1
  • 7Cui W,Paxson V,Weaver C,et al.Protocol independent adaptivereplay of application dialog[C]//Proceedings of Network and Distributed System Security Symposium, San Diago,CA,2006. 被引量:1
  • 8Cui W,Kannan J,Wang J H.Discoveror:Automatic protocol de- scription generation from network traces[C]//USENIX Security Symposium, Boston, MA, 2007. 被引量:1
  • 9Kannan J, Jung J, Paxson V, et al.Semi-automated discovery of application session structure[C]//Intemet Measurement Confer- ence,Rio de Janeiro,Brazil,2006. 被引量:1
  • 10Caballero J,Yin H,Liang Z, et al.Polyglot:Automatic extraction of protocol message format using dynamic binary analysis[C]// Proceedings of the 14th ACM Conference on Computer and Communications Security,CCS,October 2007. 被引量:1

共引文献102

同被引文献22

引证文献3

二级引证文献6

解放军理工大学学报(自然科学版)
2015年 第4期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部