Abstract
Unknown protocol's hidden behavior is becoming a new challenge in network security. This paper takes the captured messages and the binary code that implement the protocol both as the studied object. Dynamic Taint Analysis combined with Static Analysis is used for protocol analyzing. Firstly, monitor and analyze the process of protocol program parses the message in the virtual platform HiddenDisc prototype system developed by ourselves, record the protocol's public behavior, then based on our proposed Hidden Behavior Perception and Mining algorithm, static analyze the protocol's hidden behavior trigger conditions and hidden behavior instruction sequences. According to the hidden behavior trigger conditions, new protocol messages with the sensitive information are generated, and the hidden behaviors are executed by dynamic triggering. HiddenDisc prototype system can sense, trigger and analysis the protocol's hidden behaviors. According to the statistical analysis results, we propose the evaluation method of Protocol Execution Security. The experimental results show that the present method can accurately mining the protocol's hidden behaviors, and can evaluate unknown protocol's execution security.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
