Survey of Protocol Reverse Engineering Algorithms: Decomposition of Tools for Static Traffic Analysis

Journal article
(other)


Publication Details

Author(s): Kleber S, Maile L, Kargl F
Journal: IEEE Communications Surveys & Tutorials
Publication year: 2018
Volume: PP
Pages range: 1-1
ISSN: 1553-877X
Language: English


Abstract

Knowledge about a network protocol to understand the communication
between entities is necessary for vulnerability research, penetration
testing, malware analysis, network reconnaissance, and network modeling.
Traffic analysis is one approach to infer a protocol, and this approach
has specific challenges, tasks, methods, and solutions. In this survey,
we collect tools presented by prior research in the field of protocol
reverse engineering by static traffic trace analysis. We dissect each
tool to discern the individual mechanisms and the algorithms on which
they are based, then categorize and contrast the mechanisms and
algorithms used in static traffic trace analysis to discuss how
successfully they were applied in each case. To structure our discussion
about the tools, we compared classification schemes for protocol
reverse engineering. We present and discuss an explicit process model
for static traffic trace analysis to reveal the common structure of the
decomposed tools and frameworks from previous research. Via discussions
of the algorithms applied within each tool, we show relations between
tools, methods, and the process for each process task. We validate our
model by applying it to each of the tools, then provide an outline of
the utility of protocol reverse engineering. Beginning with the process
description, we deduce which solutions and algorithms have already been
investigated and where challenges remain to determine how new solutions
may be researched in the future. Across the entire field of protocol
reverse engineering, few implementations of tools and frameworks are
publicly available, which remains a prevalent problem.


FAU Authors / FAU Editors

Maile, Lisa
Computer Science 7 (Computer Networks and Communication Systems)


External institutions with authors

Universität Ulm


How to cite

APA:
Kleber, S., Maile, L., & Kargl, F. (2018). Survey of Protocol Reverse Engineering Algorithms: Decomposition of Tools for Static Traffic Analysis. IEEE Communications Surveys & Tutorials, PP, 1-1. https://dx.doi.org/10.1109/COMST.2018.2867544

MLA:
Kleber, Stephan, Lisa Maile, and Frank Kargl. "Survey of Protocol Reverse Engineering Algorithms: Decomposition of Tools for Static Traffic Analysis." IEEE Communications Surveys & Tutorials PP (2018): 1-1.

Last updated on 2019-16-01 at 14:10
