Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Online protocol format inference method based on multiple sequence alignment

A protocol format and multi-sequence technology, applied in the direction of electrical components, transmission systems, etc., can solve the problems that cannot meet the needs of online protocol analysis and take a long time, and achieve the effect of meeting the time requirement and ensuring the effect

Active Publication Date: 2018-08-24
NAT COMP NETWORK & INFORMATION SECURITY MANAGEMENT CENT +1
View PDF6 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Although the above protocol format extraction algorithm has good accuracy, it often takes a long time and cannot meet the needs of online protocol analysis.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Online protocol format inference method based on multiple sequence alignment
  • Online protocol format inference method based on multiple sequence alignment
  • Online protocol format inference method based on multiple sequence alignment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0042] Include the following steps:

[0043] Step S1: Network traffic acquisition and division into different groups

[0044] Obtain traffic from the network through wireshark or pcap, and then use the first N packets as a subflow according to the packet acceptance order, and set N to 500 in order to ensure the response time.

[0045] flow0= (1)

[0046] Step S2: Perform multiple sequence alignment

[0047] Taking the http protocol as an example, the three groups before and after are respectively,

[0048] Among them, p0={GET / cgi-bin / whois.pl HTTP / 1.0 Host: arin.net User-Agent:Opera Accept: text / xml}, p1={GET / index.html HTTP / 1.0 Host: www.yahoo .comUser-Agent: Mozilla / 5.0 Accept: text / xml}, p2={GET / HTTP / 1.0 Host: www.google.com User-Agent: IE4.0 Accept: text / xml}.

[0049] After sequence comparison, the result is GET / ############ HTTP / 1.0 Host: ############# User-Agent: ########## Accept: text / xml.

[0050] Simultaneous record processing time was 60 seconds.

[005...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an online protocol format inference method based on multiple sequence alignment. Content of a known part of a protocol is marked; for online traffic, captured traffic is grouped according to certain number in an increment analysis mode; for each group, extracting a format of the protocol through progressive multiple sequence alignment; adjacent group results are analyzed; and if analysis results are different, all groups in two continuous groups are analyzed as results, until the analysis is finished. According to the method, an online protocol analysis time demand canbe satisfied, and a protocol analysis effect also can be ensured.

Description

technical field [0001] The invention relates to the technical field of online protocol format inference methods, in particular to an online protocol format inference method based on multiple sequence alignment. Background technique [0002] Protocol reverse engineering refers to the process of extracting protocol format and protocol state machine information by monitoring and analyzing the network input and output, system behavior and instruction execution flow of protocol entities without protocol description. As industrial control network security has increasingly attracted the attention of relevant state departments, the security analysis of industrial control protocols has increasingly attracted the attention of relevant state departments and has become the focus of academic research. Protocol reverse engineering is widely used in intrusion detection, vulnerability mining, and protocol reuse. [0003] Protocol reverse analysis technology mainly includes two stages: proto...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L69/03H04L69/06H04L69/22
Inventor 张晓明何跃鹰孙中豪张嘉玮方喆君刘中金李建强王占丰田益凡胡超罗冰
Owner NAT COMP NETWORK & INFORMATION SECURITY MANAGEMENT CENT
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com