| 一种基于状态融合的协议状态机推断方法 |
| |
| 引用本文: | 王辰,吴礼发,洪征,赖海光,庄洪林. 一种基于状态融合的协议状态机推断方法[J]. 解放军理工大学学报(自然科学版), 2015, 0(4): 322-329 |
| |
| 作者姓名: | 王辰 吴礼发 洪征 赖海光 庄洪林 |
| |
| 作者单位: | 解放军理工大学 指挥信息系统学院,江苏 南京 210007,解放军理工大学 指挥信息系统学院,江苏 南京 210007,解放军理工大学 指挥信息系统学院,江苏 南京 210007,解放军理工大学 指挥信息系统学院,江苏 南京 210007,解放军理工大学 指挥信息系统学院,江苏 南京 210007 |
| |
| 基金项目: | 江苏省自然科学基金资助项目(BK2011115,BK20131069) |
| |
| 摘 要: | 针对现有协议状态机推断方法忽视协议系统输入输出报文之间的内在关系,导致自动化程度较低等问题,提出一种基于状态融合的协议状态机推断方法。首先采集会话样本,将会话过程的输入输出报文序列抽象为符号序列;然后采用扩展前缀树转换器(EPTT)构建初始状态机,通过各状态对相同输入符号序列的状态转换和输出响应评判其相似度,依据相似度的高低搜寻候选状态对并尝试对其融合,同时有针对性地构造测试用例以验证此次融合的正确性。上述流程反复执行,直到没有可融合的状态。结果表明,该方法自动化程度较高,推断出的结果与真实协议状态机高度吻合。
|
| 关 键 词: | 状态融合;协议状态机;推断方法 |
| 收稿时间: | 2014-09-29 |
Method of protocol state machine inference based on state merging |
| |
| WANG Chen,WU Lif,HONG Zheng,LAI Haiguang and ZHUANG Honglin. Method of protocol state machine inference based on state merging[J]. Journal of PLA University of Science and Technology(Natural Science Edition), 2015, 0(4): 322-329 |
| |
| Authors: | WANG Chen WU Lif HONG Zheng LAI Haiguang ZHUANG Honglin |
| |
| Affiliation: | College of Command Information System, PLA Univ. of Sci. & Tech., Nanjing 210007,China,College of Command Information System, PLA Univ. of Sci. & Tech., Nanjing 210007,China,College of Command Information System, PLA Univ. of Sci. & Tech., Nanjing 210007,China,College of Command Information System, PLA Univ. of Sci. & Tech., Nanjing 210007,China and College of Command Information System, PLA Univ. of Sci. & Tech., Nanjing 210007,China |
| |
| Abstract: | The existing protocol state machine inference methods ignore the relationship of input and output messages and are not automated. A method of protocol state machine inference based on state merging was put forward. Firstly, session samples were collected, and the input and output messages of session were abstracted into symbol sequences. Then the extended prefix tree transducer (EPTT) was used to build the initial state machine, and the similarity of all states evaluated according to the state transition and output responses. The candidate states for merger were determined based on the level of state similarity. Meanwhile, test cases were generated to prove the validity of this merger and these processes repeated until there are no states that can be merged. Experimental results show that the method can infer highly accurate protocol state machine automatically. |
| |
| Keywords: | state merging protocol state machine method of inference |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《解放军理工大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《解放军理工大学学报(自然科学版)》下载免费的PDF全文 |
|
