Message analysis-based protocol format automatic inferring method

A protocol format and packet analysis technology, applied in the network field, can solve problems such as inaccurate packet structure, low semantic inference accuracy, inability to efficiently compare protocol packet sample sets, etc., achieving space complexity and time complexity. The effect of reducing speed, improving accuracy and efficiency

Active Publication Date: 2013-01-23
PLA UNIV OF SCI & TECH
View PDF2 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The two main problems addressed by the present invention are: the existing reverse method cannot efficiently compare the protocol message sample set, and the obtained message block str

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Message analysis-based protocol format automatic inferring method
  • Message analysis-based protocol format automatic inferring method
  • Message analysis-based protocol format automatic inferring method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] specific implementation

[0020] Such as figure 1 As shown, the embodiment of the present invention receives a sufficient number of network message samples, determines the format sequence of each sample according to the displayable attributes of the characters, and classifies the samples of the same format sequence into one category, and on this basis, the same category The multi-sequence comparison of the message is carried out in units of segments, and the structural information of the segments is inferred, and then the overall structure of the message is obtained. On the basis of mastering the message structure information, all messages of the same kind are integrated to perform semantic inference, and semantic information such as the interval field, data field, sequence number field, length field, and format identification field in the message structure is obtained.

[0021] The complete process of the present invention includes three parts: preliminary clustering,...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a message analysis-based protocol format automatic inferring method, which is a method used for analyzing the input and output messages of a protocol entity so as to infer the specific format of the protocol messages. The method comprises the following steps of: firstly, according to the displayable attribute of characters, segmenting the obtained network message in bytes, and carrying out primary clustering based on a format sequence presented by segmentation; secondly, carrying out multi-sequence comparison on the message samples with similar structure by taking the segment as a unit, realizing alignment and length unification of message segments, thereby mastering the basic structure of the message segments and obtaining the whole structure of the message; and finally, carrying out a semantic inferring phase, based on the structure of the message, according to the value and the change features of each field in the sample, following the identification strategies of various semantics, and using the semantic inferring flow of interval field, data field, serial number field, length field and format identifier field. The accuracy and the efficiency of semantic inferring are improved.

Description

technical field [0001] The invention relates to network technology, in particular to a method for analyzing the input and output messages of a protocol entity so as to deduce the format of the protocol message. Background technique [0002] A protocol is a series of rules, standards and conventions established for data exchange in a computer network, and is an indispensable and important part of a computer network. As the supporting element for the realization of network communication functions, protocol is a key research object in the network field. However, since most of the currently used protocols are private protocols and lack formal description documents, it is necessary to use protocol reverse method to extract protocol information. [0003] Protocol reverse refers to the process of extracting protocol grammar, syntax and semantics by monitoring and analyzing the network input and output, system behavior and instruction execution flow of protocol entities without rel...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/70
Inventor 洪征吴礼发李华波赖海光郑成辉黄康宇潘璠
Owner PLA UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap