Application-level protocol specifications are useful for many security applications, including intrusion prevention and detection that performs deep packet inspection and traffic normalization, and penetration testing that generates network inputs to an application to uncover potential vulnerabilities. However, current practice in deriving protocol specifications is mostly manual. In this paper, we present Discoverer, a tool for automatically reverse engineering the protocol message formats of an application from its network trace. A key property of Discoverer is that it operates in a protocol-independent fashion by inferring protocol idioms commonly seen in message formats of many application-level protocols. We evaluated the efficacy of D...
Security tools have evolved dramatically in the recent years to combat the increasingly complex natu...
With the rapid development of Internet, especially the mobile Internet, the new applications or netw...
To discover low-level security vulnerabilities in target applications that implement stateful networ...
Protocol reverse engineering is the process of extracting application-level specifications for netwo...
Abstract—Extracting the protocol message format specifica-tions of unknown applications from network...
Protocol reverse engineering, the process of extracting the application-level protocol used by an im...
12 pagesInternational audienceNetwork security products, such as NIDS or application firewalls, tend...
Protocol reverse engineering has often been a manual process that is considered time-consuming, tedi...
Reviewed by Miguel CorreiaCommunication protocols determine how network components interact with eac...
International audienceCommunication protocols enable structured information exchanges between differ...
Abstract—Unknown protocol inference are useful for many security application, including intrusion de...
Abstract. Application-level protocol specifications (i.e., how a protocol should behave) are helpful...
Many reported vulnerabilities are related to the way that a system accepts, processes, and interpret...
A network protocol defines rules that control communications between two or more machines on the Int...
Security tools have evolved dramatically in the recent years to combat the increasingly complex natu...
Security tools have evolved dramatically in the recent years to combat the increasingly complex natu...
With the rapid development of Internet, especially the mobile Internet, the new applications or netw...
To discover low-level security vulnerabilities in target applications that implement stateful networ...
Protocol reverse engineering is the process of extracting application-level specifications for netwo...
Abstract—Extracting the protocol message format specifica-tions of unknown applications from network...
Protocol reverse engineering, the process of extracting the application-level protocol used by an im...
12 pagesInternational audienceNetwork security products, such as NIDS or application firewalls, tend...
Protocol reverse engineering has often been a manual process that is considered time-consuming, tedi...
Reviewed by Miguel CorreiaCommunication protocols determine how network components interact with eac...
International audienceCommunication protocols enable structured information exchanges between differ...
Abstract—Unknown protocol inference are useful for many security application, including intrusion de...
Abstract. Application-level protocol specifications (i.e., how a protocol should behave) are helpful...
Many reported vulnerabilities are related to the way that a system accepts, processes, and interpret...
A network protocol defines rules that control communications between two or more machines on the Int...
Security tools have evolved dramatically in the recent years to combat the increasingly complex natu...
Security tools have evolved dramatically in the recent years to combat the increasingly complex natu...
With the rapid development of Internet, especially the mobile Internet, the new applications or netw...
To discover low-level security vulnerabilities in target applications that implement stateful networ...