Automatic State Machine Inference for Binary Protocol Reverse Engineering
- URL: http://arxiv.org/abs/2412.02540v1
- Date: Tue, 03 Dec 2024 16:33:17 GMT
- Title: Automatic State Machine Inference for Binary Protocol Reverse Engineering
- Authors: Junhai Yang, Fenghua Li, Yixuan Zhang, Junhao Zhang, Liang Fang, Yunchuan Guo,
- Abstract summary: We propose an automatic PSM inference framework for unknown protocols.
We refine a probabilistic PSM algorithm to infer protocol states and the transition conditions between these states.
Experimental results show that, compared with existing PRE techniques, our method can infer PSMs while enabling more precise classification of protocols.
- Abstract: Protocol Reverse Engineering (PRE) is used to analyze protocols by inferring their structure and behavior. However, current PRE methods mainly focus on field identification within a single protocol and neglect Protocol State Machine (PSM) analysis in mixed protocol environments. This results in insufficient analysis of protocols' abnormal behavior and potential vulnerabilities, which are crucial for detecting and defending against new attack patterns. To address these challenges, we propose an automatic PSM inference framework for unknown protocols, including a fuzzy membership-based auto-converging DBSCAN algorithm for protocol format clustering, followed by a session clustering algorithm based on Needleman-Wunsch and K-Medoids algorithms to classify sessions by protocol type. Finally, we refine a probabilistic PSM algorithm to infer protocol states and the transition conditions between these states. Experimental results show that, compared with existing PRE techniques, our method can infer PSMs while enabling more precise classification of protocols.
Related papers
- Inferring State Machine from the Protocol Implementation via Large Language Model [18.942047454890847]
State machines play a pivotal role in augmenting the efficacy of protocol analyzing to unveil more vulnerabilities.
Traditional methods based on dynamic analysis often overlook crucial state transitions due to limited coverage.
We propose an innovative state machine inference approach powered by Large Language Models (LLMs) named ProtocolGPT.
arXiv Detail & Related papers (2024-05-01T08:46:36Z)
- Experimental implementation of distributed phase reference quantum key distribution protocols [1.4513830934124623]
We have experimentally realized optical fiber based coherent one way and differential phase shift QKD protocols at telecom wavelength.
Both protocols belong to a class of protocols named as distributed phase reference protocol in which weak coherent pulses are used to encode the information.
arXiv Detail & Related papers (2023-12-30T05:29:26Z)
- Towards Semantic Communication Protocols for 6G: From Protocol Learning to Language-Oriented Approaches [60.6632432485476]
6G systems are expected to address a wide range of non-stationary tasks. This poses challenges to traditional medium access control (MAC) protocols that are static and predefined.
Data-driven MAC protocols have recently emerged, offering ability to tailor their signaling messages for specific tasks.
This article presents a novel categorization of these data-driven MAC protocols into three levels: Level 1 MAC. task-oriented neural protocols constructed using multi-agent deep reinforcement learning (MADRL); Level 2 MAC. neural network-oriented symbolic protocols developed by converting Level 1 MAC outputs into explicit symbols; and Level 3 MAC. language-oriented semantic protocols harnessing
arXiv Detail & Related papers (2023-10-14T06:28:50Z)
- Provably Efficient UCB-type Algorithms For Learning Predictive State Representations [55.00359893021461]
The sequential decision-making problem is statistically learnable if it admits a low-rank structure modeled by predictive state representations (PSRs).
This paper proposes the first known UCB-type approach for PSRs, featuring a novel bonus term that upper bounds the total variation distance between the estimated and true models.
In contrast to existing approaches for PSRs, our UCB-type algorithms enjoy computational tractability, last-iterate guaranteed near-optimal policy, and guaranteed model accuracy.
arXiv Detail & Related papers (2023-07-01T18:35:21Z)
- Practical Phase-Coding Side-Channel-Secure Quantum Key Distribution [8.464021993320305]
A new QKD protocol called phase-coding side-channel-secure channels (PC-SCS) protocol is proposed.
A finite-key security analysis against coherent attack of the new protocol is given.
A practical transmission distance of 300 km can be realized by the PC-SCS protocol.
arXiv Detail & Related papers (2023-05-23T09:34:47Z)
- OLYMPIA: A Simulation Framework for Evaluating the Concrete Scalability of Secure Aggregation Protocols [1.8069913326395433]
We present OLYMPIA, a framework for empirical evaluation of secure protocols via simulation.
OLYMPIA provides an embedded domain-specific language for defining protocols, and a simulation framework for evaluating their performance.
arXiv Detail & Related papers (2023-02-20T16:46:46Z)
- Towards Semantic Communication Protocols: A Probabilistic Logic Perspective [69.68769942563812]
We propose a semantic protocol model (SPM) constructed by transforming an NPM into an interpretable symbolic graph written in the probabilistic logic programming language (ProbLog).
By leveraging its interpretability and memory-efficiency, we demonstrate several applications such as SPM reconfiguration for collision-avoidance.
arXiv Detail & Related papers (2022-07-08T14:19:36Z)
- Data post-processing for the one-way heterodyne protocol under composable finite-size security [62.997667081978825]
We study the performance of a practical continuous-variable (CV) quantum key distribution protocol.
We focus on the Gaussian-modulated coherent-state protocol with heterodyne detection in a high signal-to-noise ratio regime.
This allows us to study the performance for practical implementations of the protocol and optimize the parameters connected to the steps above.
arXiv Detail & Related papers (2022-05-20T12:37:09Z)
- Reinforcement learning-enhanced protocols for coherent population-transfer in three-level quantum systems [50.591267188664666]
We deploy a combination of reinforcement learning-based approaches and more traditional optimization techniques to identify optimal protocols for population transfer.
Our approach is able to explore the space of possible control protocols to reveal the existence of efficient protocols.
The new protocols that we identify are robust against both energy losses and dephasing.
arXiv Detail & Related papers (2021-09-02T14:17:30Z)
- Round-robin differential phase-time-shifting protocol for quantum key distribution: theory and experiment [58.03659958248968]
Quantum key distribution (QKD) allows the establishment of common cryptographic keys among distant parties.
Recently, a QKD protocol that circumvents the need for monitoring signal disturbance, has been proposed and demonstrated in initial experiments.
We derive the security proofs of the round-robin differential phase-time-shifting protocol in the collective attack scenario.
Our results show that the RRDPTS protocol can achieve higher secret key rate in comparison with the RRDPS, in the condition of high quantum bit error rate.
arXiv Detail & Related papers (2021-03-15T15:20:09Z)
This list is automatically generated from the titles and abstracts of the papers in this site.