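A Survey of Bit-Stream-Oriented Unknown Protocol Identification and Analysis Techniques
This paper analyzes the challenges that the use of unknown protocols poses to network security supervision and summarizes the shortcomings of existing techniques for identifying known protocols. It surveys the main topics in current bit-stream-oriented protocol identification research, focusing on existing methods for inferring unknown protocol formats, including frequent pattern mining, association rule mining, bit-stream frame segmentation, and protocol format inference, and summarizes the characteristics of each. Finally, it discusses directions for future research....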
Published in | 计算机应用研究 (Application Research of Computers) Vol. 33; no. 11; pp. 3206 - 3210 |
---|---|
Format | Journal Article |
Language | Chinese |
Published | Department of Information Engineering, Ordnance Engineering College, Shijiazhuang 050003; Department of Command, PLA University of Foreign Languages, Luoyang, Henan 471003, 2016 |
ISSN | 1001-3695 |
DOI | 10.3969/j.issn.1001--3695.2016.11.002 |
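Summary: | This paper analyzes the challenges that the use of unknown protocols poses to network security supervision and summarizes the shortcomings of existing techniques for identifying known protocols. It surveys the main topics in current bit-stream-oriented protocol identification research, focusing on existing methods for inferring unknown protocol formats, including frequent pattern mining, association rule mining, bit-stream frame segmentation, and protocol format inference, and summarizes the characteristics of each. Finally, it discusses directions for future research. |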
---|---|
Bibliography: | 51-1196/TP. Keywords: unknown protocol; bit stream; protocol format inferring; protocol identification. This paper analyzed the challenges presented by the use of unknown protocol for the network security supervision, collected and introduced the insufficiency of the existing protocol identification technology. It presented a comprehensive survey of the existing main contents of bit stream oriented protocol identification research field, studied the method of inferring the format of unknown protocol including frequent pattern mining, association rule mining, frame segmentation and protocol format inferring, introduced and analyzed respectively features of these techniques. Finally it discussed the trend of research and application. Lei Dong (1), Wang Tao (1), Zhao Jianpeng (2), Ma Yunfei (1) (1. Dept. of Information Engineering, Ordnance Engineering College, Shijiazhuang 050003, China; 2. Dept. of Command, PLA University of Foreign Language, Luoyang Henan 471003, China) |