{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T13:27:28Z","timestamp":1725888448182},"publisher-location":"Cham","reference-count":31,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319594620"},{"type":"electronic","value":"9783319594637"}],"license":[{"start":{"date-parts":[[2017,5,28]],"date-time":"2017-05-28T00:00:00Z","timestamp":1495929600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-59463-7_30","type":"book-chapter","created":{"date-parts":[[2017,5,27]],"date-time":"2017-05-27T02:26:44Z","timestamp":1495852004000},"page":"298-307","source":"Crossref","is-referenced-by-count":0,"title":["Perception Mining of Network Protocol\u2019s Dormant Behavior"],"prefix":"10.1007","author":[{"given":"Yan-Jing","family":"Hu","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,5,28]]},"reference":[{"key":"30_CR1","doi-asserted-by":"crossref","unstructured":"Ming, J., Xin, Z., Lan, P., Wu, D., Liu, P., Mao, B.: Impeding behavior-based malware analysis via replacement attacks to malware specifications. J. Comput. Virol Hack Tech., 1\u201315 (2016)","DOI":"10.1007\/s11416-016-0281-3"},{"key":"30_CR2","doi-asserted-by":"crossref","unstructured":"Han, K., Lim, J.H., Im, E.G.: Malware analysis method using visualization of binary files. In: Proceedings of the 2013 Research in Adaptive and Convergent Systems, Montreal, Quebec, Canada (2013)","DOI":"10.1145\/2513228.2513294"},{"key":"30_CR3","doi-asserted-by":"crossref","unstructured":"Hu, X., Shin, K.G.: DUET: integration of dynamic and static analyses for malware clustering with cluster ensembles. In: Proceedings of the 29th Annual Computer Security Applications Conference, New Orleans, Louisiana (2013)","DOI":"10.1145\/2523649.2523677"},{"key":"30_CR4","doi-asserted-by":"crossref","unstructured":"Ye, Y., Li, T., Chen, Y., Jiang, Q.: Automatic malware categorization using cluster ensemble. In: Proceedings of the 16th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, Washington, DC, USA (2010)","DOI":"10.1145\/1835804.1835820"},{"key":"30_CR5","doi-asserted-by":"crossref","unstructured":"Anderson, B., Storlie, C., Lane, T.: Improving malware classification: bridging the static\/dynamic gap. In: Proceedings of the 5th ACM workshop on Security and Artificial Intelligence, Raleigh, North Carolina, USA (2012)","DOI":"10.1145\/2381896.2381900"},{"issue":"2","key":"30_CR6","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2089125.2089126","volume":"44","author":"M Egele","year":"2012","unstructured":"Egele, M., Scholte, T., Kirda, E., Kruegel, C.: A survey on automated dynamic malware-analysis techniques and tools. ACM Comput. Surv. 44(2), 1\u201342 (2012)","journal-title":"ACM Comput. Surv."},{"issue":"2","key":"30_CR7","doi-asserted-by":"crossref","first-page":"451","DOI":"10.1016\/j.comnet.2012.08.003","volume":"57","author":"J Caballero","year":"2013","unstructured":"Caballero, J., Song, D.: Automatic protocol reverse-engineering: message format extraction and field semantics inference. Comput. Netw. 57(2), 451\u2013474 (2013)","journal-title":"Comput. Netw."},{"key":"30_CR8","unstructured":"Meng, F.M., Liu, Y., Zhang, C., Li, T.: Inferring protocol state machine for binary communication protocol. In: Advanced Research and Technology in Industry Applications (WARTIA), 2014, pp. 870\u2013874 (2014)"},{"key":"30_CR9","doi-asserted-by":"crossref","unstructured":"Sedaghat, L., Duerling, B., Huang, X., Tang, Z.: Exploring data communication at system level through reverse engineering: a case study on USB device driver. In: Wong, W.E., Zhu, T. (eds.): Computer Engineering and Networking, pp. 329\u2013336. Springer (2014)","DOI":"10.1007\/978-3-319-01766-2_38"},{"key":"30_CR10","doi-asserted-by":"crossref","unstructured":"Li Xiang-Dong, L.C.: A survey on methods of automatic protocol reverse engineering. In: Proceedings of the 2011 Seventh International Conference on Computational Intelligence and Security, pp. 685\u2013689 (2011)","DOI":"10.1109\/CIS.2011.156"},{"issue":"3","key":"30_CR11","doi-asserted-by":"crossref","first-page":"1070","DOI":"10.1016\/j.jnca.2013.01.013","volume":"36","author":"J-Z Luo","year":"2013","unstructured":"Luo, J.-Z., Yu, S.-Z.: Position-based automatic reverse engineering of network protocols. J. Netw. Comput. Appl. 36(3), 1070\u20131077 (2013)","journal-title":"J. Netw. Comput. Appl."},{"key":"30_CR12","first-page":"1","volume":"49","author":"WQ-Y Zhang Zhao","year":"2013","unstructured":"Zhang Zhao, W.Q.-Y., Wen, T.: Survey of mining protocol specifications. Comput. Eng. Appl. 49, 1\u20139 (2013)","journal-title":"Comput. Eng. Appl."},{"key":"30_CR13","doi-asserted-by":"crossref","unstructured":"Wei Lin, J.F., Zhu, Y., Shi, X.: A method of multiple encryption and sectional encryption protocol reverse engineering. In: 2014 Tenth International Conference Computational Intelligence and Security (CIS), pp. 420\u2013424 (2014)","DOI":"10.1109\/CIS.2014.114"},{"key":"30_CR14","doi-asserted-by":"crossref","first-page":"75","DOI":"10.1016\/S1005-8885(13)60217-4","volume":"20","author":"Y Wang","year":"2013","unstructured":"Wang, Y., Gu, L.-z., Li, Z.-x., Yang, Y.-x.: Protocol reverse engineering through dynamic and static binary analysis. J. China Univ. Posts Telecommun. 20, 75\u201379 (2013)","journal-title":"J. China Univ. Posts Telecommun."},{"key":"30_CR15","unstructured":"Wondracek, G., Comparetti, P.M., Kruegel, C., Comparetti, P., Kirda, E.: Automatic network protocol analysis. In: Proceedings of the 15th Annual Network & Distributed System Security Symposium (NDSS 2008) (2008)"},{"key":"30_CR16","doi-asserted-by":"crossref","unstructured":"Rahbarinia, B., Perdisci, R., Lanzi, A., Li, K.: PeerRush: mining for unwanted P2P traffic. In: Rieck, K., Stewin, P., Seifert, J.-P. (eds.): Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 62\u201382. Springer (2013)","DOI":"10.1007\/978-3-642-39235-1_4"},{"key":"30_CR17","doi-asserted-by":"crossref","unstructured":"Cui, B., Wang, F., Hao, Y., Wang, L.: A taint based approach for automatic reverse engineering of gray-box file formats. Soft Comput., pp. 1\u201316 (2015)","DOI":"10.1007\/s00500-015-1713-6"},{"key":"30_CR18","doi-asserted-by":"crossref","unstructured":"Polino, M., Scorti, A., Maggi, F., Zanero, S.: Jackdaw: towards automatic reverse engineering of large datasets of binaries. In: Almgren, M., Gulisano, V., Maggi, F. (eds.): Detection of Intrusions and Malware, and Vulnerability Assessment. pp. 121\u2013143. Springer (2015)","DOI":"10.1007\/978-3-319-20550-2_7"},{"key":"30_CR19","doi-asserted-by":"crossref","unstructured":"Rahimian, A., Ziarati, R., Preda, S., Debbabi, M.: On the reverse engineering of the citadel botnet. In: Danger, J.L., Debbabi, M., Marion, J.-Y., Garcia-Alfaro, J., Zincir Heywood, N. (eds.): Foundations and Practice of Security, pp. 408\u2013425. Springer (2014)","DOI":"10.1007\/978-3-319-05302-8_25"},{"key":"30_CR20","doi-asserted-by":"crossref","unstructured":"Rostami, M., Majzoobi, M., Koushanfar, F., Wallach, D., Devadas, S.: Robust and reverse-engineering resilient PUF authentication and key-exchange by substring matching. IEEE Trans. Emerg. Top. Comput., 1 (2014)","DOI":"10.1109\/TETC.2014.2300635"},{"issue":"3","key":"30_CR21","doi-asserted-by":"crossref","first-page":"992","DOI":"10.1016\/j.jnca.2011.03.017","volume":"35","author":"Y Wang","year":"2012","unstructured":"Wang, Y., Xiang, Y., Zhou, W., Yu, S.: Generating regular expression signatures for network traffic classification in trusted network management. J. Netw. Comput. Appl. 35(3), 992\u20131000 (2012)","journal-title":"J. Netw. Comput. Appl."},{"key":"30_CR22","doi-asserted-by":"crossref","unstructured":"Comparetti, P.M., Wondracek, G., Kruegel, C., Kirda, E.: Prospex: protocol specification extraction. In: Proceedings of the 30th IEEE Symposium on Security & Privacy, pp. 110\u2013125 (2009)","DOI":"10.1109\/SP.2009.14"},{"key":"30_CR23","doi-asserted-by":"crossref","unstructured":"Cui, W., Peinado, M., Chen, K.: Tupni: automatic reverse engineering of input formats. In: Proceedings of the 15th ACM Conferences on Computer and Communication Security, pp. 391\u2013402 (2008)","DOI":"10.1145\/1455770.1455820"},{"key":"30_CR24","unstructured":"Jo\u00e3o Antunes, N.N.: Automatically complementing protocol specifications from network traces (2014). http:\/\/www.di.fc.ul.pt\/~nuno\/Papers\/ewdc11.pdf"},{"key":"30_CR25","unstructured":"Jo\u00e3o Antunes, N.F.N., Verissimo, P.: ReverX: reverse engineering of protocols (2011). http:\/\/hdl.handle.net\/10455\/6699"},{"key":"30_CR26","unstructured":"Deyoung, M.E.: Dynamic protocol reverse engineering - a grammatical inference approach. Ohio: Air Force Institute of Technology (2008)"},{"key":"30_CR27","unstructured":"Dreger, H., Feldmann, A., Mai, M. et al.: Dynamic application layer protocol analysis for network intrusion detection. In: Proceedings of the 15th USENIX Security Symposium, pp. 257\u2013272 (2006)"},{"issue":"2","key":"30_CR28","first-page":"451","volume":"54","author":"DS Juan Caballero","year":"2012","unstructured":"Juan Caballero, D.S.: Automatic protocol reverse-engineering: message format extraction and field semantics inference. Comput. Netw. 54(2), 451\u2013474 (2012)","journal-title":"Comput. Netw."},{"key":"30_CR29","doi-asserted-by":"crossref","unstructured":"Caballero, J., Yin, H., Liang, Z., Dawn, S.: Polyglot: automatic extraction of protocol message format using dynamic binary analysis. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 317\u2013329 (2007)","DOI":"10.1145\/1315245.1315286"},{"key":"30_CR30","doi-asserted-by":"crossref","unstructured":"Caballero, J., Poosankam, P., Kreibich, C., Song, D.: Dispatcher: enabling active botnet infiltration using automatic protocol reverse-engineering. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 621\u2013634 (2009)","DOI":"10.1145\/1653662.1653737"},{"key":"30_CR31","doi-asserted-by":"crossref","unstructured":"Zhi, W., Jiang, X., Cui, W.-D., Wang, X.-Y., Grace, M.: ReFormat: automatic reverse engineering of encrypted messages. In: Proceedings of the 14th European Symposium on Research in Computer Security, pp. 200\u2013215 (2009). 5789","DOI":"10.1007\/978-3-642-04444-1_13"}],"container-title":["Lecture Notes on Data Engineering and Communications Technologies","Advances in Internetworking, Data &amp; Web Technologies"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-59463-7_30","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,25]],"date-time":"2019-09-25T05:20:29Z","timestamp":1569388829000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-59463-7_30"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,5,28]]},"ISBN":["9783319594620","9783319594637"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-59463-7_30","relation":{},"ISSN":["2367-4512","2367-4520"],"issn-type":[{"type":"print","value":"2367-4512"},{"type":"electronic","value":"2367-4520"}],"subject":[],"published":{"date-parts":[[2017,5,28]]}}}