Jisuanji kexue (Oct 2022)
Field Segmentation of Binary Protocol Based on Probability Model
Abstract
Field segmentation is the basis of protocol format inference.The subsequent steps of protocol format inference,such as message structure identification,field semantic inference and field value constraint inference,highly depend on the quality of field segmentation.Field segmentation of binary protocol is a big challenge because of the lack of character coding and delimitation,the flexibility of field length and the expansiveness of field range.To improve feature construction and decision rules,this paper proposes a novel binary protocol field segmentation method based on probability model.First,it constructs the field boundary constraint relationship of binary protocol messages from the internal structure of message and the value change between messages.Then,it combines various constraints in the way of probability,calculating the probability of each position becoming the boundary by factor graph model.Finally,the most likely field boundaries are obtained from probability.Experiments show that the proposed method can achieve more accurate and robust results than the traditional methods in binary protocol field segmentation.
Keywords
