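Abstract
Parsing traffic according to the network protocol format can extract the key data carried over the network. However, traditional protocol parsing tools cannot automatically parse data flows whose protocol packet format is unknown, and must instead rely on very time-consuming manual work to infer the unknown protocol format. This paper proposes an automatic algorithm, based on statistical analysis, for inferring the packet format of unknown protocols; it performs statistical analysis on a data flow and infers the flow's protocol packet format. Experiments on real network data show that the algorithm can effectively infer the packet format of unknown protocols.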
Network protocols are very important to network security. Given a network data flow, the important data can be extracted by protocol analysis based on the protocol specifications. However, data flows with unknown protocol formats cannot be analyzed with traditional protocol analysis tools, and current methods for obtaining unknown protocol specifications rely mainly on time-consuming and laborious manual operations. An automatic protocol packet format inference algorithm based on statistical analysis of the data flow is proposed. Experimental results on real network flows show that this algorithm performs efficiently at inferring protocol packet formats.
Source
《电子信息对抗技术》
2014, Issue 1, pp. 9-12 (4 pages)
Electronic Information Warfare Technology
Keywords
protocol packet
format inference
packet format
statistical analysis
protocol inferring