Security tools have evolved dramatically in recent years to combat the increasingly complex nature of attacks, but to be effective these tools need to be configured by experts who understand network protocols thoroughly. In this paper we present FieldHunter, which automatically extracts fields and infers their types, providing this much-needed information to security experts so they can keep pace with the increasing rate of new network applications and their underlying protocols. FieldHunter collects application messages from multiple sessions and then applies statistical correlations to infer the types of the fields. These statistical correlations can be between different messages or other associations with meta-da...
Network managers are inevitably called upon to associate network traffic with particular application...
The major problem is the absence of effective techniques for network protocol security monitoring, m...
Different techniques for traffic classification are utilized in various fields of application. In th...
Security tools have evolved dramatically in the recent years to combat the increasingly complex natu...
Abstract. Application-level protocol specifications (i.e., how a protocol should behave) are helpful...
12 pages. International audience. Network security products, such as NIDS or application firewalls, tend...
Protocol reverse engineering is the process of extracting application-level specifications for netwo...
Protocol reverse engineering, the process of extracting the application-level protocol used by an im...
Application-level protocol specifications are useful for many security applications, including intru...
International audience. Communication protocols enable structured information exchanges between differ...
Abstract—Unknown protocol inference is useful for many security applications, including intrusion de...
Abstract—Extracting the protocol message format specifications of unknown applications from network...
Existing approaches to reverse engineer network protocols based on traffic traces lack comprehensive...
With the rapid development of Internet, especially the mobile Internet, the new applications or netw...
A method for analyzing a binary-based application protocol of a network. The method includes obtaini...