CABALLERO J, YIN H, LIANG Zhenkai, et al. Polyglot: automatic extraction of protocol message format using dynamic binary analysis[C]. Proceedings of the 14th ACM Conference on Computer and Communications Security, New York: 2007: 317-329. doi: 10.1145/1315245.1315286.
|
CUI Weidong, PEINADO M, CHEN K, et al. Automatic reverse engineering of input format[P]. USA, 8935677 B2, 2015-1-13.
|
WANG Zhi, JIANG Xuxian, CUI Weidong, et al. ReFormat: Automatic reverse engineering of encrypted messages[C]. European Symposium on Research in Computer Security, Berlin, 2009: 200-215. doi: 10.1007/978-3-642-04444-1_13.
|
CABALLERO J, POOSANKAM P, KREIBICH C, et al. Dispatcher: enabling active botnet infiltration using automatic protocol reverse-engineering[C]. Proceedings of the 16th ACM Conference on Computer and Communications Security, New York, 2009: 621-634. doi: 10.1145/1653662. 1653737.
|
CABALLERO J and SONG D. Automatic protocol reverse- engineering: message format extraction and field semantics inference[J]. Computer Network, 2013, 57(2): 451-474. doi: 10.1016/j.comnet.2012.08.003.
|
CUI Weidong, KANNAN J, and WANG H J. Discoverer: Automatic protocol reverse engineering from network traces[C]. Proceedings of the 16th USENIX Security Symposium, Berkeley, 2007: 199-212.
|
黎敏, 余顺争. 抗噪的未知应用层协议报文格式最佳分段方法[J]. 软件学报, 2013, 24(3): 604-617. doi: 10.3724/SP.J. 1001.2013.04243.
|
LI Min and YU Shunzheng. Noise-tolerant and optimal segmentation of message formats for unknown application- layer protocols[J]. Journal of Software, 2013, 24(3): 604-617. doi: 10.3724/SP.J.1001.2013.04243.
|
LUO Jianzhen and YU Shunzheng. Position-based automatic reverse engineering of network protocols[J]. Journal of Network and Computer Applications, 2013, 36(3): 1070-1077. doi: 10.1016/j.jnca.2013.01.013.
|
ZHANG Zhuo, ZHANG Zhibin, Lee P P C, et al. Toward unsupervised protocol feature Word extraction[J]. IEEE Journal on Selected Areas in Communications, 2014, 32(10): 1894-1906. doi: 10.1109/JSAC.2014.2358857.
|
BOSSERT G, GUIHRY F, and HIET G. Towards automated protocol reverse engineering using semantic information[C]. Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, Kyoto, 2014: 51-62. doi: 10.1145/2590296.2590346.
|
KUMANO Y, ATA S, NAKAMURA N, et al. Towards real- time processing for application identification of encrypted traffic[C]. International Conference on Computing, Networking and Communications, Honolulu, HI, 2014: 136-140. doi: 10.1109/ICCNC.2014.6785319.
|
赵博, 郭虹, 刘勤让, 等. 基于加权累积和检验的加密流量盲识别算法[J]. 软件学报, 2013, 24(6): 1334-1345. doi: 10. 3724/SP.J.1001.2013.04279.
|
ZHAO Bo, GUO Hong, LIU Qinrang, et al. Protocol independent identification of encrypted traffic based on weighted cumulative sum test[J]. Journal of Software, 2013, 24(6): 1334-1345. doi: 10.3724/SP.J.1001.2013.04279.
|
OLIVAIN J and GOUBAULT-LARRECQ J. Detecting subverted cryptographic protocols by entropy checking[R]. LSV-06-13, 2006.
|
BONFIGLIO D, MELLIA M, MEO M, et al. Revealing skype traffic: when randomness plays with you[C]. Proceedings of the ACM SIGCOMM Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, Kyoto, 2007: 37-48. doi: 10.1145/1282380. 1282386.
|
PANINSKI L. A coincidence-based test for uniformity given very sparsely sampled discrete data[J]. IEEE Transactions on Information Theory, 2008, 54(10): 4750-4755. doi: 10.1109/ TIT.2008.928987.
|
PIRONTI A, POZZA D, and SISTO R. Spi2Java User Manual-Version 3.1[R]. Turin: Piedmont: Italy, Polytechnic University of Turin, 2008.
|
ACETO G, DAINOTTI A, DONATO W, et al. PortLoad: taking the best of two worlds in traffic classification[C]. Proceedings of IEEE International Conference on Computer Communications, San Diego, CA, 2010: 1-5. doi: 10.1109/ INFCOMW.2010.5466645.
|