References
- Krueger T, Gascon H, Krämer N, et al. Learning stateful models for network honeypots. In: Proceedings of the 5th ACM workshop on Security and Artificial Intelligence. ACM; 2012. p. 37–48.
- Gascon H, Wressnegger C, Yamaguchi F, et al. Pulsar: stateful black-box fuzzing of proprietary network protocols. In: International Conference on Security and Privacy in Communication Systems. Springer; 2015. p. 330–347.
- Leita C, Mermoud K, Dacier M. Scriptgen: an automated script generation tool for honeyd. In: 21st Annual Computer Security Applications Conference (ACSAC'05). IEEE; 2005. p. 12.
- Wressnegger C, Kellner A, Rieck K. Zoe: content-based anomaly detection for industrial control systems. In: 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE; 2018. p. 127–138.
- Cui W, Kannan J, Wang HJ. Discoverer: automatic protocol reverse engineering from network traces, in Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium. USENIX Association, 2007. p. 1–14.
- Wang Y, Yun X, Shafiq MZ, et al. A semantics aware approach to automated reverse engineering unknown protocols. In: 2012 20th IEEE International Conference on Network Protocols (ICNP). IEEE; 2012. p. 1–10.
- Swales A. Swales: open modbus/tcp specification. Schneider Electric. 1999;29.
- Caballero J, Yin H, Liang Z, et al. Polyglot: automatic extraction of protocol message format using dynamic binary analysis. In: Proceedings of the 14th ACM Conference on Computer and Communications Security. ACM; 2007. p. 317–329.
- Lin Z, Jiang X, Xu D. Automatic protocol format reverse engineering through context-aware monitored execution. In in 15th Symposium on Network and Distributed System Security, San Diego, CA. NDSS; 2008. p. 1–15.
- Wang Z, Jiang X, Cui W, et al. Reformat: automatic reverse engineering of encrypted messages. In: European Symposium on Research in Computer Security. Springer; 2009. p. 200–215.
- Cui W, Peinado M, Chen K, et al. Tupni: automatic reverse engineering of input formats. In: Proceedings of the 15th ACM Conference on Computer and Communications Security. ACM; 2008. p. 391–402.
- Leita C. D4. 6 protocol learning for ami environments.
- Bossert G, Guihéry F, Hiet G. Towards automated protocol reverse engineering using semantic information. In: Proceedings of the 9th ACM symposium on Information, Computer and Communications Security. ACM; 2014. p. 51–62.
- Antunes J, Neves N, Verissimo P. Reverse engineering of protocols from network traces. In: 2011 18th Working Conference on Reverse Engineering (WCRE). IEEE; 2011. p. 169–178.
- Krueger T, Krämer N, Rieck K. Asap: Automatic semantics-aware analysis of network payloads. In: International Workshop on Privacy and Security Issues in Data Mining and Machine Learning. Springer; 2010. p. 50–63.
- Kleber S, Kopp H, Kargl F. NEMESYS: NetworkMessage Syntax Reverse Engineering by Analysis of the Intrinsic Structure of Individual Messages. In: Workshop on Offensive Technologies, WOOT.USENIX Association, 2018.
- Zhang Z, Zhang Z, Lee PPC, et al. Toward unsupervised protocol feature word extraction. IEEE J Sel Areas Commun. 2014;32(10):1894–1906. doi: 10.1109/JSAC.2014.2358857
- Needleman SB, Wunsch CD. A general method applicable to the search for similarities in the amino acid sequence of two proteins. J Mol Biol. 1970;48(3):443–453. doi: 10.1016/0022-2836(70)90057-4
- Shim K-S, Goo Y-H, Lee M-S, et al. Inference of network unknown protocol structure using csp (contiguous sequence pattern) algorithm based on tree structure. In: NOMS 2018-2018 IEEE/IFIP Network Operations and Management Symposium. IEEE; 2018. p. 1–4.
- Beddoe MA. Network protocol analysis using bioinformatics algorithms, 2004.
- Ládi G, Buttyán L, Holczer T. Message format and field semantics inference for binary protocols using recorded network traffic. In: 2018 26th International Conference on Software, Telecommunications and Computer Networks (SoftCOM). IEEE; 2018. p. 1–6.
- Goo Y-H, Shim K-S, Chae B-M, et al. Framework for precise protocol reverse engineering based on network traces. In: NOMS 2018-2018 IEEE/IFIP Network Operations and Management Symposium. IEEE; 2018. p. 1–4.
- Blei DM, Ng AY, Jordan MI. Latent Dirichlet allocation. J Mach Learn Res. 2003;3(Jan):993–1022.
- Luo X, Chen D, Wang Y, et al. A type-aware approach to message clustering for protocol reverse engineering. Sensors. 2019;19(3):716. doi: 10.3390/s19030716
- Cohen P, Adams N, Heeringa B. Voting experts: an unsupervised algorithm for segmenting sequences. Intell Data Anal. 2007;11(6):607–625. doi: 10.3233/IDA-2007-11603
- Duchêne J, Guernic CL, Alata E, et al. State of the art of network protocol reverse engineering tools. J Comput Virol Hacking Tech. 2018;14(1):53–68. doi: 10.1007/s11416-016-0289-8
- Narayan J, Shukla SK, Clancy TC. A survey of automatic protocol reverse engineering tools. ACM Comput Surv (CSUR). 2016;48(3):40.