Next Article in Journal
A Simplified SSY Estimate Method to Determine EPFM Constraint Parameter for Sensor Design
Previous Article in Journal
An Interdigital Capacitor for Microwave Heating at 25 GHz and Wideband Dielectric Sensing of nL Volumes in Continuous Microfluidics
Previous Article in Special Issue
Indoor Pedestrian Self-Positioning Based on Image Acoustic Source Impulse Using a Sensor-Rich Smartphone
Article Menu
Issue 3 (February-1) cover image

Export Article

Open AccessArticle
Sensors 2019, 19(3), 716; https://doi.org/10.3390/s19030716

A Type-Aware Approach to Message Clustering for Protocol Reverse Engineering

1
College of Computer, National University of Defense Technology, Changsha 410073, China
2
School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China
*
Author to whom correspondence should be addressed.
Received: 8 January 2019 / Revised: 25 January 2019 / Accepted: 2 February 2019 / Published: 10 February 2019
(This article belongs to the Special Issue Smart IoT Sensing)
Full-Text   |   PDF [343 KB, uploaded 11 February 2019]   |  

Abstract

Protocol Reverse Engineering (PRE) is crucial for information security of Internet-of-Things (IoT), and message clustering determines the effectiveness of PRE. However, the quality of services still lags behind the strict requirement of IoT applications as the results of message clustering are often coarse-grained with the intrinsic type information hidden in messages largely ignored. Aiming at this problem, this study proposes a type-aware approach to message clustering guided by type information. The approach regards a message as a combination of n-grams, and it employs the Latent Dirichlet Allocation (LDA) model to characterize messages with types and n-grams via inferring the type distribution of each message. The type distribution is finally used to measure the similarity of messages. According to this similarity, the approach clusters messages and further extracts message formats. Experimental results of the approach against Netzob in terms of a number of protocols indicate that the correctness and conciseness can be significantly improved, e.g., figures 43.86% and 3.87%, respectively for the CoAP protocol. View Full-Text
Keywords: message clustering; protocol reverse engineering; Internet of Things; information security message clustering; protocol reverse engineering; Internet of Things; information security
Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).
SciFeed

Share & Cite This Article

MDPI and ACS Style

Luo, X.; Chen, D.; Wang, Y.; Xie, P. A Type-Aware Approach to Message Clustering for Protocol Reverse Engineering. Sensors 2019, 19, 716.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Sensors EISSN 1424-8220 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top