{"title":"How far an evolutionary approach can go for protocol state analysis and discovery","authors":"P. LaRoche, A. Burrows, A. N. Zincir-Heywood","doi":"10.1109/CEC.2013.6557965","DOIUrl":null,"url":null,"abstract":"Securing todays computer networks requires numerous technologies to constantly be developed, refined and challenged. One area of research aiding in this process is that of protocol analysis, the study of the methods with which networks communicate. Our specific area of interest, the interaction with different protocol implementations, is a crucial component of this domain. Our work aims to identify and highlight a protocols states and state transitions, while minimizing the required a priori knowledge known about the protocol and its different versions (implementations). To this end, our approach uses a Genetic Programming (GP) based technique in order to analyze a client or a server of a given protocol via interacting with it with minimum a priori information. We evaluate our system against another well-known system from the literature on two different protocols, namely Dynamic Host Configuration Protocol (DHCP) and File Transfer Protocol (FTP). We measure the performances of these two systems in terms of the similarities and differences seen in the state diagrams produced for the protocols under testing. Results show that, by using our approach, it is possible to identify the different versions of a given protocol.","PeriodicalId":211988,"journal":{"name":"2013 IEEE Congress on Evolutionary Computation","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2013-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE Congress on Evolutionary Computation","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CEC.2013.6557965","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5
Abstract
Securing todays computer networks requires numerous technologies to constantly be developed, refined and challenged. One area of research aiding in this process is that of protocol analysis, the study of the methods with which networks communicate. Our specific area of interest, the interaction with different protocol implementations, is a crucial component of this domain. Our work aims to identify and highlight a protocols states and state transitions, while minimizing the required a priori knowledge known about the protocol and its different versions (implementations). To this end, our approach uses a Genetic Programming (GP) based technique in order to analyze a client or a server of a given protocol via interacting with it with minimum a priori information. We evaluate our system against another well-known system from the literature on two different protocols, namely Dynamic Host Configuration Protocol (DHCP) and File Transfer Protocol (FTP). We measure the performances of these two systems in terms of the similarities and differences seen in the state diagrams produced for the protocols under testing. Results show that, by using our approach, it is possible to identify the different versions of a given protocol.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
