Protocol format automatic inference method and system based on relation inference

A protocol format and relational technology, applied in the field of automatic protocol format inference method and system based on relational reasoning, can solve problems such as modeling and incorrect results, and achieve high neural network efficiency, stable time consumption, and accurate protocol format inference Effect

Pending Publication Date: 2021-12-28
BEIJING UNIV OF TECH
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, existing designs based on the above two methods have limitations respectively:
Existing techniques do not model this uncertainty and thus often produce incorrect results

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Protocol format automatic inference method and system based on relation inference
  • Protocol format automatic inference method and system based on relation inference
  • Protocol format automatic inference method and system based on relation inference

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0050] The workflow of this method can be divided into three stages, which are coarse-grained structure generation stage, relation learning stage and fine-grained structure generation stage. The input of the coarse-grained structure generation stage is the original network traffic. This stage will realize the rough format inference for each TCP / UDP payload according to the frequency of occurrence of the fixed-length byte tuple n-gram in the byte stream in all traffic. . In the relationship learning stage, the learnable parameters in the neural network will be trained based on the coarse-grained structure extracted in the previous stage, and the logical relationship between each n-gram in the coarse-grained structure will be learned. The fine-grained structure generation stage will use the relational model generated in the previous stage, map it to the original TCP / UDP payload, and deduce the protocol format of the corresponding message.

[0051] In the coarse-grained structur...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a protocol format automatic inference method and system based on relation inference. The method comprises three stages, namely a coarse-grained structure generation stage, a relation learning stage and a fine-grained structure generation stage. The coarse-grained structure generation stage comprises the following steps of: preprocessing original network traffic; generating a frequency dictionary for a preprocessed effective load set; and generating a coarse-grained structure according to the frequency dictionary. The relation learning stage comprises the following steps of: extracting the characteristics of the effective load; generating a corresponding question set and an answer set for the load coarse-grained structure; and reasoning a logic relationship between n-grams in the effective load characteristics by using the questions and answers, and constructing a field relationship model. The fine-grained structure generation stage comprises the following steps of: mapping a field relation model into a coarse-grained structure according to the field relation model obtained in the relation learning stage; and deducing the format of the load according to the mapping relation. According to the protocol format automatic inference method, the accurate protocol format is extracted from the variable-length fields in the TCP/UDP load, and the extraction method is high in efficiency and strong in robustness.

Description

technical field [0001] The invention relates to automatic extraction of unknown network traffic formats using deep learning technology according to data packet TCP / UDP payloads, in particular to a method and system for automatically inferring protocol formats based on relational reasoning. Background technique [0002] Network protocol format extraction is the process of extracting the key information of the TCP / UDP payload in the traffic, which is an important challenge in the field of network security. It has a wide range of applications in the field of computer network and network security. For example, intrusion detection and prevention systems (IDSes / IPSes), network monitoring, network measurement, tunnel detection, traffic classification, etc. Specifically, in the field of network security, many security analyzes such as static / symbolic vulnerability scanning, vulnerability exploitation, attack detection, and malware behavior analysis require accurate modeling of netw...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06N3/04G06N3/08
CPCH04L69/06H04L69/161G06N3/08G06N3/045
Inventor 王一鹏唐通赖英旭刘静
Owner BEIJING UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap