Analysis of communication data of mobile terminal based on protocol reversal
The most problem in analysis of communication protocols and communication data for mobile terminals is that many mobile applications do not have the relevant public technical documents,and it is difficult to know the type of communication protocol it adopts.The instruction execution sequence analysi...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2018-12-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2018099 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841530041812385792 |
|---|---|
| author | Mingyuan ZHANG Xinyu QI Yubo SONG Rongrong GU Aiqun HU Zhenchao ZHU |
| author_facet | Mingyuan ZHANG Xinyu QI Yubo SONG Rongrong GU Aiqun HU Zhenchao ZHU |
| author_sort | Mingyuan ZHANG |
| collection | DOAJ |
| description | The most problem in analysis of communication protocols and communication data for mobile terminals is that many mobile applications do not have the relevant public technical documents,and it is difficult to know the type of communication protocol it adopts.The instruction execution sequence analysis technique takes the instruction sequence executed by the program as a research object,and inversely infers the message format and the state machine to obtain the communication protocol.However,due to the incomplete collection of sequence information,the state machine infers that the inference is incomplete and cannot be effective.A novel protocol reverse scheme based on state machine comparison is proposed,which can be used for the forensics of mobile terminal communication data.The scheme first uses PIN for dynamical identification of the taint,and track it and analyzes the trajectory to obtain the message format.Secondly,the message clustering is performed on the basis of the message format to infer the protocol state machine.Finally,the LCS algorithm is used to compare the state machines to get a complete protocol state machine.This article tests and evaluates the scheme based on two types of application design experiments on the Android platform.The experimental results show that the results are both complete and real-time,and have practical value. |
| format | Article |
| id | doaj-art-4439b90ce89b4039a9ae261f5fde3aa5 |
| institution | Kabale University |
| issn | 2096-109X |
| language | English |
| publishDate | 2018-12-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-4439b90ce89b4039a9ae261f5fde3aa52025-01-15T03:13:14ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2018-12-014546159555082Analysis of communication data of mobile terminal based on protocol reversalMingyuan ZHANGXinyu QIYubo SONGRongrong GUAiqun HUZhenchao ZHUThe most problem in analysis of communication protocols and communication data for mobile terminals is that many mobile applications do not have the relevant public technical documents,and it is difficult to know the type of communication protocol it adopts.The instruction execution sequence analysis technique takes the instruction sequence executed by the program as a research object,and inversely infers the message format and the state machine to obtain the communication protocol.However,due to the incomplete collection of sequence information,the state machine infers that the inference is incomplete and cannot be effective.A novel protocol reverse scheme based on state machine comparison is proposed,which can be used for the forensics of mobile terminal communication data.The scheme first uses PIN for dynamical identification of the taint,and track it and analyzes the trajectory to obtain the message format.Secondly,the message clustering is performed on the basis of the message format to infer the protocol state machine.Finally,the LCS algorithm is used to compare the state machines to get a complete protocol state machine.This article tests and evaluates the scheme based on two types of application design experiments on the Android platform.The experimental results show that the results are both complete and real-time,and have practical value.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2018099mobile terminaldata forensicsdynamic stain analysisprotocol reverse analysissimilarity comparison |
| spellingShingle | Mingyuan ZHANG Xinyu QI Yubo SONG Rongrong GU Aiqun HU Zhenchao ZHU Analysis of communication data of mobile terminal based on protocol reversal 网络与信息安全学报 mobile terminal data forensics dynamic stain analysis protocol reverse analysis similarity comparison |
| title | Analysis of communication data of mobile terminal based on protocol reversal |
| title_full | Analysis of communication data of mobile terminal based on protocol reversal |
| title_fullStr | Analysis of communication data of mobile terminal based on protocol reversal |
| title_full_unstemmed | Analysis of communication data of mobile terminal based on protocol reversal |
| title_short | Analysis of communication data of mobile terminal based on protocol reversal |
| title_sort | analysis of communication data of mobile terminal based on protocol reversal |
| topic | mobile terminal data forensics dynamic stain analysis protocol reverse analysis similarity comparison |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2018099 |
| work_keys_str_mv | AT mingyuanzhang analysisofcommunicationdataofmobileterminalbasedonprotocolreversal AT xinyuqi analysisofcommunicationdataofmobileterminalbasedonprotocolreversal AT yubosong analysisofcommunicationdataofmobileterminalbasedonprotocolreversal AT rongronggu analysisofcommunicationdataofmobileterminalbasedonprotocolreversal AT aiqunhu analysisofcommunicationdataofmobileterminalbasedonprotocolreversal AT zhenchaozhu analysisofcommunicationdataofmobileterminalbasedonprotocolreversal |