Industrial control protocol reverse analysis method based on semantic pre-mining

An industrial control protocol and reverse analysis technology, applied in the field of information security, can solve the problem of difficult to accurately identify fixed data and variable data fields, and achieve the effect of improving the recognition rate, improving similarity, and ensuring accuracy

Inactive Publication Date: 2020-08-25
ZHEJIANG SHUREN COLLEGE ZHEJIANG SHUREN UNIV
View PDF4 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Purpose of the invention: Aiming at the problem that it is difficult to accurately identify fields composed of fixed data and variable data when sequence comparison algorithms are used in the process of

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial control protocol reverse analysis method based on semantic pre-mining

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] Below in conjunction with specific embodiment, further illustrate the present invention, should be understood that these embodiments are only used to illustrate the present invention and are not intended to limit the scope of the present invention, after having read the present invention, those skilled in the art will understand various equivalent forms of the present invention All modifications fall within the scope defined by the appended claims of the present application.

[0023] Firstly, the operating environment required by the reverse analysis method of industrial control protocol based on semantic pre-mining is given. The operating environment required by the present invention is a PC with Intel-Windows architecture and a sample data set whose format is a pcap type. This sample data set can be obtained by capturing packets using tools such as wireshark, and the message in the sample data set All are related to the industrial control protocol to be analyzed.

[...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an industrial control protocol reverse analysis method based on semantic pre-mining, which realizes optimization of an industrial control data sample protocol reverse analysisresult by pre-mining semantics such as timestamps, lengths, serial numbers and the like and then carrying out field division before protocol format reverse analysis is carried out. The basic idea of the method is that the method comprises the steps: when protocol format analysis is performed on a target industrial control data sample, clustering a sample set to be analyzed according to the lengthof a message, analyzing whether fields such as timestamps, lengths and serial numbers exist in different types of messages, and replacing discovered semantic fields with wildcard characters; after semantic pre-analysis is completed, adopting a Needleman-Wunsch sequence alignment algorithm to analyze the data sample; and finally, replacing the semantic result obtained by pre-analysis in the analysis result, so the accuracy of the analysis result is improved. The method has the advantages of accurate analysis result, high semantic recognition rate and the like.

Description

technical field [0001] The invention relates to a method for reverse analysis of an industrial control protocol, in particular to a reverse analysis method for an industrial control protocol based on semantic pre-mining, which belongs to the technical field of information security. Background technique [0002] The reverse analysis technology of industrial control protocol based on network traffic is to infer the communication protocol followed by the traffic through reverse analysis of the communication traffic between the host computer and industrial control equipment, and use it as the basis of technologies such as fuzzy testing and vulnerability mining. The method based on network traffic has the characteristics of strong versatility and does not rely on complex technologies, so it is widely used in the field of protocol reverse. [0003] In the existing reverse method of industrial control protocols based on network traffic, the classic analysis method is to use sequenc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L12/851G06F40/30
CPCG06F40/30H04L43/18H04L47/2441
Inventor 王群苏子漪叶时平王章权
Owner ZHEJIANG SHUREN COLLEGE ZHEJIANG SHUREN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap