{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T22:16:44Z","timestamp":1742941004699,"version":"3.40.3"},"publisher-location":"Cham","reference-count":20,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319150864"},{"type":"electronic","value":"9783319150871"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-15087-1_27","type":"book-chapter","created":{"date-parts":[[2015,1,21]],"date-time":"2015-01-21T13:45:59Z","timestamp":1421847959000},"page":"345-357","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Multivariate Statistic Approach to Field Specifications of Binary Protocols in SCADA System"],"prefix":"10.1007","author":[{"given":"Seungoh","family":"Choi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yeop","family":"Chang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jeong-Han","family":"Yun","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Woonyon","family":"Kim","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,1,22]]},"reference":[{"key":"27_CR1","unstructured":"National Cybersecurity and Communications Integration Center: ICS-CERT Year in Review (2013)"},{"key":"27_CR2","unstructured":"National Cybersecurity and Communications Integration Center: NCCIC\/ICS-CERT Monitor for January-April (2014)"},{"key":"27_CR3","unstructured":"Wondracek, G., Comparetti, P.M., Kruegel, C., Kirda, E., Anna, S.S.S.: Automatic network protocol analysis. In: NDSS, pp. 1\u201314 (2008)"},{"key":"27_CR4","unstructured":"Ming-Ming, X., Shun-zheng, Y., Yu, W.: Automatic network protocol automaton extraction. In: Third International Conference on Network and System Security, 2009. NSS 2009, pp. 336\u2013343 (2009)"},{"key":"27_CR5","first-page":"239","volume":"10","author":"S Gorbunov","year":"2010","unstructured":"Gorbunov, S., Rosenbloom, A.: Autofuzz: Automated network protocol fuzzing framework. IJCSNS 10, 239 (2010)","journal-title":"IJCSNS"},{"key":"27_CR6","unstructured":"Lin, Z., Jiang, X., Xu, D., Zhang, X.: Automatic protocol format reverse engineering through context-aware monitored execution. In: NDSS, pp. 1\u201315 (2008)"},{"key":"27_CR7","doi-asserted-by":"publisher","first-page":"451","DOI":"10.1016\/j.comnet.2012.08.003","volume":"57","author":"J Caballero","year":"2013","unstructured":"Caballero, J., Song, D.: Automatic protocol reverse-engineering: message format extraction and field semantics inference. Comput. Netw. 57, 451\u2013474 (2013)","journal-title":"Comput. Netw."},{"key":"27_CR8","doi-asserted-by":"crossref","unstructured":"Pang, R., Paxson, V., Sommer, R., Peterson, L.: binpac: a yacc for writing application protocol parsers. In: Proceedings of the 6th ACM SIGCOMM Conference on Internet Measurement, pp. 289\u2013300. ACM, Rio de Janeriro, Brazil (2006)","DOI":"10.1145\/1177080.1177119"},{"key":"27_CR9","unstructured":"DeYoung, M.E.: Dynamic protocol reverse engineering: a grammatical inference approach. In: DTIC Document (2008)"},{"key":"27_CR10","unstructured":"Beddoe, M.A.: Network protocol analysis using bioinformatics algorithms (2004)"},{"key":"27_CR11","doi-asserted-by":"crossref","unstructured":"Caballero, J., Yin, H., Liang, Z., Song, D.: Polyglot: automatic extraction of protocol message format using dynamic binary analysis. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 317\u2013329. ACM, Alexandria, Virginia, USA (2007)","DOI":"10.1145\/1315245.1315286"},{"key":"27_CR12","doi-asserted-by":"crossref","unstructured":"Comparetti, P.M., Wondracek, G., Kruegel, C., Kirda, E.: Prospex: protocol specification extraction. In: Proceedings of the 2009 30th IEEE Symposium on Security and Privacy, pp. 110\u2013125. IEEE Computer Society (2009)","DOI":"10.1109\/SP.2009.14"},{"key":"27_CR13","unstructured":"Yongjun, H., Hui, S., Xiaobing, X.: Protocol reverse engineering based on DynamoRIO. In: International Conference on Information and Multimedia Technology, 2009. ICIMT 2009, pp. 310\u2013314 (2009)"},{"key":"27_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"200","DOI":"10.1007\/978-3-642-04444-1_13","volume-title":"Proceedings of the 14th European Conference on Research in Computer Security","author":"Z Wang","year":"2009","unstructured":"Wang, Z., Jiang, X., Cui, W., Wang, X., Grace, M.: ReFormat: automatic reverse engineering of encrypted messages. In: Backes, M., Ning, P. (eds.) Proceedings of the 14th European Conference on Research in Computer Security. Lecture Notes in Computer Science, pp. 200\u2013215. Springer, Saint-Malo, France (2009)"},{"key":"27_CR15","doi-asserted-by":"crossref","unstructured":"Antunes, J., Neves, N., Verissimo, P.: Reverse engineering of protocols from network traces. In: 2011 18th Working Conference on Reverse Engineering (WCRE), pp. 169\u2013178. IEEE (2011)","DOI":"10.1109\/WCRE.2011.28"},{"key":"27_CR16","doi-asserted-by":"crossref","unstructured":"Shevertalov, M., Mancoridis, S.: A reverse engineering tool for extracting protocols of networked applications. In: 14th Working Conference on Reverse Engineering 2007. WCRE 2007, pp. 229\u2013238 (2007)","DOI":"10.1109\/WCRE.2007.6"},{"key":"27_CR17","unstructured":"Allen-Bradley: DF1 protocol and command set reference manual. http:\/\/literature.rockwellautomation.com\/idc\/groups\/literature\/documents\/rm\/1770-m516_-en-p.pdf)"},{"key":"27_CR18","unstructured":"Modbus: Modbus application protocol specification V1.1b3. http:\/\/www.modbus.org\/docs\/Modbus_Application_Protocol_V1_1b3.pdf)"},{"key":"27_CR19","doi-asserted-by":"publisher","first-page":"443","DOI":"10.1016\/0022-2836(70)90057-4","volume":"48","author":"SB Needleman","year":"1970","unstructured":"Needleman, S.B., Wunsch, C.D.: A general method applicable to the search for similarities in the amino acid sequence of two proteins. J. Mol. Biol. 48, 443\u2013453 (1970)","journal-title":"J. Mol. Biol."},{"key":"27_CR20","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1002\/j.1538-7305.1948.tb01338.x","volume":"27","author":"CE Shannon","year":"1948","unstructured":"Shannon, C.E.: A mathematical theory of communication. Bell Syst. Tech. J. 27, 379\u2013423 (1948)","journal-title":"Bell Syst. Tech. J."}],"container-title":["Lecture Notes in Computer Science","Information Security Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-15087-1_27","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,28]],"date-time":"2023-01-28T11:03:35Z","timestamp":1674903815000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-15087-1_27"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319150864","9783319150871"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-15087-1_27","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"22 January 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}