Author | Kleber, Stephan | dc.contributor.author |
Author | Kargl, Frank | dc.contributor.author |
Date of accession | 2020-02-21T14:34:49Z | dc.date.accessioned |
Available in OPARU since | 2020-02-21T14:34:49Z | dc.date.available |
Date of first publication | 2019-11 | dc.date.issued |
Abstract | Existing approaches to reverse engineer network protocols based on traffic traces lack comprehensive methods to determine the data type, e.g. float, timestamp, or addresses, of segments in messages of binary protocols. We propose a novel method for the analysis of unknown protocol messages to reveal the data types contained in these messages. Therefore, we split messages into segments of bytes and interpret these as vectors of byte values. Based on the vector interpretation, we can determine similarities and characteristics of specific data types. These can be used to classify segments into clusters of the same type and to identify their data type for previously trained data types. We performed first evaluations of different applications of our method that show promising results up to a data-type-recognition precision of 100 %. | dc.description.abstract |
Language | en_US | dc.language.iso |
Publisher | Universität Ulm | dc.publisher |
License | Standard | dc.rights |
Link to license text | https://oparu.uni-ulm.de/xmlui/license_v3 | dc.rights.uri |
Keyword | Protocol testing and verification | dc.subject |
Dewey Decimal Group | DDC 004 / Data processing & computer science | dc.subject.ddc |
LCSH | Electronic data processing; Backup processing alternatives | dc.subject.lcsh |
LCSH | IPSec (Computer network protocol) | dc.subject.lcsh |
LCSH | Computer networks | dc.subject.lcsh |
LCSH | Computer network protocols | dc.subject.lcsh |
LCSH | Evaluation | dc.subject.lcsh |
LCSH | Cluster analysis | dc.subject.lcsh |
LCSH | Computer networks; Security measures | dc.subject.lcsh |
Title | Poster: Network message field type recognition | dc.title |
Resource type | Conference contribution | dc.type |
Version | acceptedVersion | dc.description.version |
DOI | http://dx.doi.org/10.18725/OPARU-25469 | dc.identifier.doi |
URN | http://nbn-resolving.de/urn:nbn:de:bsz:289-oparu-25532-3 | dc.identifier.urn |
GND | Datensicherung | dc.subject.gnd |
GND | IPSec | dc.subject.gnd |
GND | Datennetz | dc.subject.gnd |
GND | Evaluation | dc.subject.gnd |
GND | Computersicherheit | dc.subject.gnd |
GND | Cluster-Analyse | dc.subject.gnd |
Faculty | Fakultät für Ingenieurwissenschaften, Informatik und Psychologie | uulm.affiliationGeneral |
Institution | Institut für Verteilte Systeme | uulm.affiliationSpecific |
Peer review | yes | uulm.peerReview |
DCMI Type | Text | uulm.typeDCMI |
Category | Publications | uulm.category |
DOI of original publication | 10.1145/3319535.3363261 | dc.relation1.doi |
Source - Title of source | CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security | source.title |
Source - Editor | ACM | source.contributor.editor1 |
Source - Place of publication | New York | source.publisherPlace |
Source - Publisher | Association for Computing Machinery | source.publisher |
Source - Volume | 2019 | source.volume |
Source - Year | 2019 | source.year |
Source - From page | 2581 | source.fromPage |
Source - To page | 2583 | source.toPage |
Source - ISBN | 978-1-4503-6747-9 | source.identifier.isbn |
Conference name | 2019 ACM SIGSAC Conference on Computer and Communications Security | uulm.conferenceName |
Conference place | London | uulm.conferencePlace |
Conference start date | 2019-11-11 | uulm.conferenceStartDate |
Conference end date | 2019-11-15 | uulm.conferenceEndDate |
Bibliography | uulm | uulm.bibliographie |