Title :
Research on protocol reverse extraction based on DynamoRIO
Author :
Shu, Hui ; He, Yongjun
Author_Institution :
Dept. of Comput. Sci., Zhengzhou Inf. Sci. & Technol. Inst., Zhengzhou, China
fDate :
June 29 2010-July 1 2010
Abstract :
Unknown network protocol reverse extraction is an important technology in software reversing engineering. This paper introduces the main protocol reverse extraction technologies, provides a new method that based on dynamic taint analysis. This method uses DynamoRIO to implement interpreted execution of a network software, record and analyze the data flow information revealed in the execution by DynamoRIO plug-in module, extract the main protocol fields of a single message based on the user-defined protocol data analysis strategies.
Keywords :
data analysis; data flow analysis; message passing; program compilers; protocols; reverse engineering; software engineering; DynamoRIO plug-in module; data flow information; dynamic taint analysis; interpreted execution; network protocol reverse extraction; network software; protocol reverse extraction technology; software reversing engineering; user-defined protocol data analysis strategy; Hardware; Instruments; Dynamic Taint Analysis; DynamoRIO; Protocol Field; Protocol Reverse Extraction;
Conference_Titel :
Communication Systems, Networks and Applications (ICCSNA), 2010 Second International Conference on
Conference_Location :
Hong Kong
Print_ISBN :
978-1-4244-7475-2
DOI :
10.1109/ICCSNA.2010.5588804
