A novel method for delimiting frames of unknown protocol

Author

Li Tong ; Liu Yuan ; Zhang Chun-rui ; Meng Fan-zhi ; Yue Yang

Author_Institution

New Generation of Inf. Technol. Center, Inst. of Comput. Applic., Mianyang, China

fYear

2014

fDate

8-9 May 2014

Firstpage

552

Lastpage

555

Abstract

Protocol reverse from network traces is widely used in the field of network security. But most of the studies focuse on application-level unknown protocols in Ethernet network system. However, in some special wireless systems, the protocol stack is proprietary. It is in urgent need to do the study on the unknown protocol stack. This paper proposed a new method to delimit frames in the bit stream which generated by signal process. By fully exploiting the characteristics of the wireless protocol data, two levels of frequent items mining are employed and a comprehensive index is applied to recognize the preamble. In the experiment, the method is indicated effective.

Keywords

computer network security; data mining; local area networks; protocols; radiocommunication; Ethernet network system; application-level unknown protocols; comprehensive index; frames delimiting; frequent items mining; network security; network traces; preamble recognition; protocol reverse; unknown protocol stack; wireless communication; wireless protocol data; wireless systems; Wireless communication; frame delimited; frequent sequence; preamble; protocol reverse;

fLanguage

English

Publisher

ieee

Conference_Titel

Electronics, Computer and Applications, 2014 IEEE Workshop on

Conference_Location

Ottawa, ON

Type

conf

DOI

10.1109/IWECA.2014.6845680

Filename

6845680