, Évolution des contributions pour l'inférence de protocole basée sur l'analyse d'application. Les outils utilisant une approche active sont mis en gras Inférence applicative Format du Grammaire du message protocole, FFE, issue.2, p.86, 2006.
, , 2006.
, , 2007.
, , 2008.
, , 2008.
, , 2008.
, , 2009.
, , p.2010, 2009.
, , 2011.
, ARTISTE, 2012.
, Dispatcher, 2013.
, ARGOS, 2015.
, entropie des données auraient pu être utilisées et fournir des résultats intéressants Ce défi s'apparente au problème du placement des sondes présenté en section 3.1, mais le but ici est de déterminer automatiquement où placer une sonde de capture de messages dans une application binaire
, Bibliographie
, Learning regular sets from queries and counterexamples, Information and Computation, vol.75, issue.2, pp.87-106, 1987.
DOI : 10.1016/0890-5401(87)90052-6
, Reverse Engineering of Protocols from Network Traces, 2011 18th Working Conference on Reverse Engineering, pp.169-178, 2011.
DOI : 10.1109/WCRE.2011.28
, Network Protocol Analysis using Bioinformatics Algorithms, 2004.
, Protocol Informatics Project, 2004.
, Regular Inference for Communication Protocol Entities, 2008.
, Exploiting Semantic for the Automatic Reverse Engineering of Communication Protocols, 2014.
URL : https://hal.archives-ouvertes.fr/tel-01146797
, Towards automated protocol reverse engineering using semantic information, Proceedings of the 9th ACM symposium on Information, computer and communications security, ASIA CCS '14, pp.51-62, 2014.
DOI : 10.1145/2590296.2590346
URL : https://hal.archives-ouvertes.fr/hal-01009283
, Modelling to Simulate Botnet Command and Control Protocols for the Evaluation of Network Intrusion Detection Systems, 2011 Conference on Network and Information Systems Security, pp.1-8, 2011.
DOI : 10.1109/SAR-SSI.2011.5931397
URL : https://hal.archives-ouvertes.fr/hal-00658396
, ARTISTE: Automatic Generation of Hybrid Data Structure Signatures from Binary Code Executions, 2012.
, Dispatcher, Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, pp.621-634, 2009.
DOI : 10.1145/1653662.1653737
, Rosetta: Extracting protocol semantics using binary analysis with applications to protocol replay and NAT rewriting, 2007.
, Automatic protocol reverse-engineering: Message format extraction and field semantics inference, Computer Networks, vol.57, issue.2, pp.451-474
DOI : 10.1016/j.comnet.2012.08.003
, Polyglot, Proceedings of the 14th ACM conference on Computer and communications security , CCS '07, pp.317-329, 2007.
DOI : 10.1145/1315245.1315286
, Grammar and model extraction for security applications using dynamic program binary analysis, Thèse de doctorat non publiée, 2010.
, MACE: model-inference-assisted concolic exploration for protocol and vulnerability discovery, Proceedings of the 20th USENIX conference on Security, p.19, 2011.
, Inference and analysis of formal models of botnet command and control protocols, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, pp.426-439, 2010.
DOI : 10.1145/1866307.1866355
, Understanding Data Lifetime, Thèse de doctorat non publiée, 2006.
, Prospex: Protocol Specification Extraction, 2009 30th IEEE Symposium on Security and Privacy, pp.110-125, 2009.
DOI : 10.1109/SP.2009.14
, Discoverer: automatic protocol reverse engineering from network traces, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, pp.1-14, 2007.
, Protocol-independent adaptive replay of application dialog, Proceedings of the 13th annual network and distributed system security symposium (ndss), 2006.
, Tupni, Proceedings of the 15th ACM conference on Computer and communications security, CCS '08, pp.391-402, 2008.
DOI : 10.1145/1455770.1455820
, ShieldGen: Automatic Data Patch Generation for Unknown Vulnerabilities with Informed Probing, 2007 IEEE Symposium on Security and Privacy (SP '07), pp.252-266, 2007.
DOI : 10.1109/SP.2007.34
, The future of protocol reversing and simulation applied on ZeroAccess, 29c3: 29th chaos communication congress '12, p.3, 2012.
, Netzob : un outil pour la rétro-conception de protocoles de communication, Symposium sur la sécurité des technologies de l'information et de la communication, 2012.
, Learning stateful models for network honeypots, Proceedings of the 5th ACM workshop on Security and artificial intelligence, AISec '12, pp.37-48, 2012.
DOI : 10.1145/2381896.2381904
, ASAP: Automatic Semantics-Aware Analysis of Network Payloads, Privacy and Security Issues in Data Mining and Machine Learning, pp.50-63, 2010.
DOI : 10.1145/1390334.1390387
, Outils pour la rétro-conception de protocoles 31
, SGNET : automated protocol learning for the observation of malicious threats, Thèse de doctorat non publiée, 2008.
, ScriptGen: an automated script generation tool for honeyd, 21st Annual Computer Security Applications Conference (ACSAC'05), pp.12-214, 2005.
DOI : 10.1109/CSAC.2005.49
, A Survey on Methods of Automatic Protocol Reverse Engineering, 2011 Seventh International Conference on Computational Intelligence and Security, pp.685-689, 2011.
DOI : 10.1109/CIS.2011.156
, Extracting Output Formats from Executables, 2006 13th Working Conference on Reverse Engineering, pp.167-178, 2006.
DOI : 10.1109/WCRE.2006.29
, Reverse Engineering of Data Structures from Binary, Thèse de doctorat non publiée, 2011.
, Automatic Protocol Format Reverse Engineering through Context-Aware Monitored Execution, Proceedings of the 15th annual network and distributed system security symposium (ndss), 2008.
, Automatic Reverse Engineering of Data Structures from Binary Execution, Proceedings of the 17th annual network and distributed system security symposium (ndss), 2010.
, A Survey of Automatic Protocol Reverse Engineering Tools, ACM Computing Surveys, vol.48, issue.3, p.40, 2015.
DOI : 10.1109/ICDMA.2012.125
, A general method applicable to the search for similarities in the amino acid sequence of two proteins, Journal of Molecular Biology, vol.48, issue.3, pp.443-453, 1970.
DOI : 10.1016/0022-2836(70)90057-4
, Accuracy of estimated phylogenetic trees from molecular data, Journal of Molecular Evolution, vol.18, issue.2, pp.153-170, 1983.
DOI : 10.1016/B978-0-12-398560-6.50036-5
, Replayer, Proceedings of the 13th ACM conference on Computer and communications security , CCS '06, pp.311-321, 2006.
DOI : 10.1145/1180405.1180444
, A Next-Generation Platform for Analyzing Executables, 3rd asian symposium on programming languages and systems, pp.212-229, 2005.
, Opening windows to a wider world, 2017.
, Dynamic data structure excavation, 2010.
, Howard: A Dynamic Excavator for Reverse Engineering Data Structures, Proceedings of the 18th annual network and distributed system security symposium (ndss), 2011.
, Towards automatic reverse engineering of software security configurations, Proceedings of the 15th ACM conference on Computer and communications security, CCS '08, pp.245-256, 2008.
DOI : 10.1145/1455770.1455802
, septembre) Inferring Protocol State Machine from Real- World Trace, Recent Advances in Intrusion Detection, pp.498-499, 2010.
, Inferring Protocol State Machine from Network Traces: A Probabilistic Approach, Applied Cryptography and Network Security, pp.1-18, 2011.
DOI : 10.1080/01969727408546059
, ReFormat: Automatic Reverse Engineering of Encrypted Messages, Computer Security ? ESORICS 2009, pp.200-215, 2009.
DOI : 10.1109/SP.2009.14
URL : http://www.cs.berkeley.edu/~wdc/papers/reformat-esorics09.pdf
, Automatic network protocol analysis, Proceedings of the 15th annual network and distributed system security symposium (ndss), 2008.
, Towards Automatic Inference of Kernel Object Semantics from Binary Code, 18th International Symposium, RAID 2015, pp.538-561, 2015.
DOI : 10.1007/978-3-319-26362-5_25