期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

APF-Kitty:基于单词嵌入的新型专有协议模糊测试工具 被引量:1

APF-Kitty: A New Fuzzer for Proprietary Protocol Based on Word Embedding
下载PDF
导出
摘要 针对工业控制系统协议组成复杂,存在大量专有协议的特点,将协议逆向工程与模糊测试技术相结合。并针对传统多序列比对算法存在的问题,提出了利用单词嵌入进行协议逆向分析的新思路,并且通过开源模糊测试框架Kitty构造出新型的模糊测试工具APF-Kitty。通过实验分析证明了该方法可以有效地对专有协议进行逆向分析和模糊测试。最后,讨论了该方法存在的不足和下一步研究方向。 Aim at the protocol of the industrial control system is complex and have a large number of proprietary protocol, combined the reverse engineering and fuzzing. And aiming at the problems of traditional multiple sequence alignment algorithm, proposed a new method by using word embedding to reverse protocol. The new fuzzer APF-Kitty was constructed through the open source fuzzing test framework Kitty. Through the experimental analysis show that the method can recerse and fuzzing proprietary protocol effectively. Finally, the deficiency existed in the method and the future research direction were discussed.
作者 付光远 刘津霖 蔡艳宁 李海龙
机构地区 火箭军工程大学信息工程系
出处 《科学技术与工程》 北大核心 2017年第21期82-88,共7页 Science Technology and Engineering
基金 国家自然科学青年基金(61403397)资助
关键词 专有协议 单词嵌入 模糊测试 协议逆向工程 proprietary protocol word embedding fuzzing protocol reverse engineering
分类号 TP393.04 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献3

二级参考文献43

  • 1Intemet netflow statistics[EB/OL], http://netflow.intemet2.edu, 2010.
  • 2TCP and UDP port numbers[EB/OL], http://www.iana.org/assignments/ port-numbers, 2008.
  • 3ROUGHAN M, SEN S, SPATSCHECK O, et al. Class-of-service mapping for QoS: a statistical signature-based approach to IP tratTtc classification[A]. Proceedings of the 4th ACM SIGCOMM Conference on Interact Measurement[C]. Taormina, Sicily, Italy, 2004.135-148.
  • 4ZHANG J, CHEN C, XIANG Y. An effective network traffic classifi- cation method with unknown flow detection[J]. IEEE Transactions on Network and Service Management, 2013, 10(1):1-15.
  • 5KARAGIANNIS T, PAPAGIANNAKI K, FALOUTSOS M. BLINC: multilevel traffic classification in the dark[J]. SIGCOMM Computer Communication Review, 2005, 35(4):229-240.
  • 6CABALLERO J, YIN H, LIANG Z, et al. Polyglot: automatic extrac- tion of protocol message format using dynamic binary analysis[A]. Proceedings of the 14th ACM Conference on Computer and Commu- nications Security[C]. Virginia, USA, 2007.317-329.
  • 7L1N Z, JIANG X, XU D, et al. Automatic protocol format reverse engineering through context-aware monitored execution[A]. Proceed- ings of the 15th Network and Distributed System Security Sympo- sium[C]. California, USA, 2008.1-17.
  • 8WONDRACEK G, MILANI P, KRUEGEL C, et al. Automatic net- work protocol analysis[A]. Proceedings of the 16th Network and Dis- tributed System Security Symposium[C]. California, USA, 2008.1-18.
  • 9CUI W, PEINADO M, CHEN K, et al. Tupni: automatic reverse engi- neering of input formats[A]. Proceedings of the 15th ACM Conferenceon Computer and Communications Security[C]. Virginia, USA, 2008. 391-402.
  • 10HAFFNER P, SEN S, SPATSCHECK O, et al. ACAS: automated construction of application signatures[A]. Proceedings of the 2005 ACM SIGCOMM Workshop on Mining Network Data[C]. Pennsyl- vania, USA, 2005.197-202.

共引文献39

同被引文献14

引证文献1

二级引证文献2

科学技术与工程
2017年 第21期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部