{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,10]],"date-time":"2026-06-10T15:16:32Z","timestamp":1781104592732,"version":"3.54.1"},"reference-count":26,"publisher":"IGI Global Scientific Publishing","issue":"2","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017,7]]},"abstract":"<jats:p>Unknown protocol's hidden behavior is becoming a new challenge in network security. This paper takes the captured messages and the binary code that implement the protocol both as the studied object. Dynamic Taint Analysis combined with Static Analysis is used for protocol analyzing. Firstly, monitor and analyze the process of protocol program parses the message in the virtual platform HiddenDisc prototype system developed by the authors, record the protocol's public behavior, then based on the authors' proposed Hidden Behavior Perception and Mining algorithm, static analyze the protocol's hidden behavior trigger conditions and hidden behavior instruction sequences. According to the hidden behavior trigger conditions, new protocol messages with the sensitive information are generated, and the hidden behaviors are executed by dynamic triggering. HiddenDisc prototype system can sense, trigger and analyze the protocol's hidden behaviors. According to the statistical analysis results, the authors propose the evaluation method of Protocol Execution Security. The experimental results show that the present method can accurately mining the protocol's hidden behaviors, and can evaluate unknown protocol's execution security.<\/jats:p>","DOI":"10.4018\/ijbdcn.2017070101","type":"journal-article","created":{"date-parts":[[2017,5,3]],"date-time":"2017-05-03T12:20:31Z","timestamp":1493814031000},"page":"1-14","source":"Crossref","is-referenced-by-count":0,"title":["Dynamic Combined with Static Analysis for Mining Network Protocol's Hidden Behavior"],"prefix":"10.4018","volume":"13","author":[{"given":"Yanjing","family":"Hu","sequence":"first","affiliation":[{"name":"National Key Laboratory of Integrated Services Networks, Xidian University, Xi'an, China & Key Laboratory of Network and Information Security, Engineering University of the Armed Police Force, Xi'an, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Qingqi","family":"Pei","sequence":"additional","affiliation":[{"name":"National Key Laboratory of Integrated Services Networks, Xidian University, Xi'an, China"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"2432","reference":[{"key":"ijbdcn.2017070101-0","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590346"},{"key":"ijbdcn.2017070101-1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2012.08.003"},{"key":"ijbdcn.2017070101-2","doi-asserted-by":"publisher","DOI":"10.1145\/2714576.2714637"},{"key":"ijbdcn.2017070101-3","doi-asserted-by":"publisher","DOI":"10.1109\/sp.2010.12"},{"key":"ijbdcn.2017070101-4","doi-asserted-by":"publisher","DOI":"10.1007\/s00500-015-1713-6"},{"key":"ijbdcn.2017070101-5","first-page":"870","article-title":"Inferring protocol state machine for binary communication protocol","volume":"2014","author":"M.Fanzhi Meng","year":"2014","journal-title":"Advanced Research and Technology in Industry Applications"},{"key":"ijbdcn.2017070101-6","doi-asserted-by":"publisher","DOI":"10.1504\/IJHPCN.2013.056525"},{"key":"ijbdcn.2017070101-7","doi-asserted-by":"publisher","DOI":"10.1504\/IJGUC.2011.040595"},{"key":"ijbdcn.2017070101-8","doi-asserted-by":"publisher","DOI":"10.1504\/IJGUC.2012.047758"},{"issue":"2","key":"ijbdcn.2017070101-9","first-page":"451","article-title":"Automatic protocol reverse-engineering: Message format extraction and field semantics inference","volume":"54","author":"D. S.Juan Caballero","year":"2012","journal-title":"Computer Networks"},{"key":"ijbdcn.2017070101-10","doi-asserted-by":"publisher","DOI":"10.1145\/2401603.2401672"},{"key":"ijbdcn.2017070101-11","first-page":"685","article-title":"A survey on methods of automatic protocol reverse engineering.","author":"L. C.Li Xiang-Dong","year":"2011","journal-title":"Proceedings of the 2011 Seventh International Conference on Computational Intelligence and Security"},{"key":"ijbdcn.2017070101-12","doi-asserted-by":"publisher","DOI":"10.1109\/CIS.2014.114 10.1109\/.113"},{"key":"ijbdcn.2017070101-13","doi-asserted-by":"publisher","DOI":"10.1504\/IJSSC.2015.070945"},{"key":"ijbdcn.2017070101-14","doi-asserted-by":"publisher","DOI":"10.1504\/IJIPT.2013.058671"},{"key":"ijbdcn.2017070101-15","doi-asserted-by":"publisher","DOI":"10.1007\/978-81-322-1665-0_63"},{"key":"ijbdcn.2017070101-16","doi-asserted-by":"crossref","unstructured":"Kurunji, S., Ge, T., Fu, X., Liu, B., & Chen C.X. (2015). Optimizing Communication for Multi-Join Query Processing in Cloud Data Warehouses.International Journal of High Performance Computing and Networking, 4, 113\u2013130.","DOI":"10.4018\/ijghpc.2013100108"},{"key":"ijbdcn.2017070101-17","first-page":"273","article-title":"An analytical framework for the modelling and evaluation of the mobile agent based distributed network management paradigm.","volume":"4","author":"J. Y. S.Papavassiliou","year":"2008","journal-title":"International Journal of High Performance Computing and Networking"},{"key":"ijbdcn.2017070101-18","doi-asserted-by":"publisher","DOI":"10.1504\/IJSSC.2015.070952"},{"key":"ijbdcn.2017070101-19","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664261"},{"key":"ijbdcn.2017070101-20","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-05302-8_25"},{"key":"ijbdcn.2017070101-21","doi-asserted-by":"publisher","DOI":"10.1504\/IJGUC.2009.027921"},{"key":"ijbdcn.2017070101-22","doi-asserted-by":"publisher","DOI":"10.1016\/S1005-8885(13)60217-4"},{"key":"ijbdcn.2017070101-23","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2011.03.017"},{"key":"ijbdcn.2017070101-24","doi-asserted-by":"publisher","DOI":"10.1007\/s12243-014-0423-x"},{"key":"ijbdcn.2017070101-25","article-title":"Automatic network protocol analysis.","author":"G. M. P.Wondracek","year":"2008","journal-title":"Proceedings of the 15th Annual Network & Distributed System Security Symposium(NDSS 2008)"}],"container-title":["International Journal of Business Data Communications and Networking"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=181582","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,5,5]],"date-time":"2022-05-05T15:50:49Z","timestamp":1651765849000},"score":1,"resource":{"primary":{"URL":"http:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/ijbdcn.2017070101"}},"subtitle":[""],"short-title":[],"issued":{"date-parts":[[2017,7]]},"references-count":26,"journal-issue":{"issue":"2"},"URL":"https:\/\/doi.org\/10.4018\/ijbdcn.2017070101","relation":{},"ISSN":["1548-0631","1548-064X"],"issn-type":[{"value":"1548-0631","type":"print"},{"value":"1548-064X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,7]]}}}