Clustering perception mining of network protocol’s stealth attack behavior
Deep stealth attack behavior in the network protocol becomes a new challenge to network security.In view of the shortcomings of the existing protocol reverse methods in the analysis of protocol behavior,especially the stealth attack behavior mining,a novel instruction clustering perception mining al...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2017-06-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017123/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539523033432064 |
|---|---|
| author | Yan-jing HU Qing-qi PEI |
| author_facet | Yan-jing HU Qing-qi PEI |
| author_sort | Yan-jing HU |
| collection | DOAJ |
| description | Deep stealth attack behavior in the network protocol becomes a new challenge to network security.In view of the shortcomings of the existing protocol reverse methods in the analysis of protocol behavior,especially the stealth attack behavior mining,a novel instruction clustering perception mining algorithm was proposed.By extracting the protocol's behavior instruction sequences,and clustering analysis of all the behavior instruction sequences using the instruction clustering algorithm,the stealth attack behavior instruction sequences can be mined quickly and accurately from a large number of unknown protocol programs according to the calculation results of the behavior distance.Combining dynamic taint analysis with instruction clustering analysis,1 297 protocol samples were analyzed in the virtual analysis platform hidden disc which was developed independently,and 193 stealth attack behaviors were successfully mined,the results of automatic analysis and manual analysis were completely consistent.Experimental results show that,the solution is ideal for perception mining the protocol's stealth attack behavior in terms of efficiency and accuracy. |
| format | Article |
| id | doaj-art-8f5d5dc404044fd48d70c8d4bf1466bd |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2017-06-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-8f5d5dc404044fd48d70c8d4bf1466bd2025-01-14T07:12:08ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2017-06-0138394859709487Clustering perception mining of network protocol’s stealth attack behaviorYan-jing HUQing-qi PEIDeep stealth attack behavior in the network protocol becomes a new challenge to network security.In view of the shortcomings of the existing protocol reverse methods in the analysis of protocol behavior,especially the stealth attack behavior mining,a novel instruction clustering perception mining algorithm was proposed.By extracting the protocol's behavior instruction sequences,and clustering analysis of all the behavior instruction sequences using the instruction clustering algorithm,the stealth attack behavior instruction sequences can be mined quickly and accurately from a large number of unknown protocol programs according to the calculation results of the behavior distance.Combining dynamic taint analysis with instruction clustering analysis,1 297 protocol samples were analyzed in the virtual analysis platform hidden disc which was developed independently,and 193 stealth attack behaviors were successfully mined,the results of automatic analysis and manual analysis were completely consistent.Experimental results show that,the solution is ideal for perception mining the protocol's stealth attack behavior in terms of efficiency and accuracy.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017123/protocol reverse analysisstealth attack behaviorinstruction clustering |
| spellingShingle | Yan-jing HU Qing-qi PEI Clustering perception mining of network protocol’s stealth attack behavior Tongxin xuebao protocol reverse analysis stealth attack behavior instruction clustering |
| title | Clustering perception mining of network protocol’s stealth attack behavior |
| title_full | Clustering perception mining of network protocol’s stealth attack behavior |
| title_fullStr | Clustering perception mining of network protocol’s stealth attack behavior |
| title_full_unstemmed | Clustering perception mining of network protocol’s stealth attack behavior |
| title_short | Clustering perception mining of network protocol’s stealth attack behavior |
| title_sort | clustering perception mining of network protocol s stealth attack behavior |
| topic | protocol reverse analysis stealth attack behavior instruction clustering |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017123/ |
| work_keys_str_mv | AT yanjinghu clusteringperceptionminingofnetworkprotocolsstealthattackbehavior AT qingqipei clusteringperceptionminingofnetworkprotocolsstealthattackbehavior |