Network Message Field Type Classification and Recognition for Unknown Binary Protocols. (arXiv:2301.03584v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Reverse engineering of unknown network protocols based on recorded traffic
traces enables security analyses and debugging of undocumented network
services. In particular for binary protocols, existing approaches (1) lack
comprehensive methods to classify or determine the data type of a discovered
segment in a message, e.g., a number, timestamp, or network address, that
would allow for a semantic interpretation and (2) have strong assumptions that
prevent analysis of lower-layer protocols often found in IoT or mobile systems.
In this paper, …