loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Valentin Kiechle 1 ; Matthias Börsig 2 ; Sven Nitzsche 2 ; Ingmar Baumgart 2 and Jürgen Becker 3

Affiliations: 1 AMAI GmbH - AI Experts, Karlsruhe, Germany ; 2 FZI Research Center for Information Technology, Karlsruhe, Germany ; 3 Institute for Information Processing Technology (ITIV), Karlsruhe Institute of Technology (KIT), Karlsruhe, Germany

Keyword(s): Protocol Reverse Engineering, Artificial Intelligence, Machine Learning, Neural Networks, Fuzzing.

Abstract: The ability of neural networks to universally approximate any function enables them to learn relationships between arbitrary kinds of data. This offers great potential in information security topics such as protocol reverse engineering (PRE), which has seen little usage of neural networks (NNs) so far. In this paper, we provide a novel approach for implementing PRE with solely NNs, demonstrating a simple yet effective reverse engineering of text-based protocols. This approach is modular by design and allows for the exchange of neural network models at any step with better performing models. The architectures used include a convolutional neural network (CNN), an autoencoder (AE), a generative adversarial net (GAN), a long short-term memory (LSTM), and a self-organizing map (SOM). All of these models combine for a new protocol reverse engineering approach. The results show that the widespread application layer protocols HTTP and FTP can successfully be mimicked by artificial intelligen ce, thereby paving the way for use cases such as fuzzing. A direct comparison to other PRE approaches is not possible due to the black-box nature of neural networks and represents the main limitation of our work. Our experiments showed that this multi-model approach yield up to 19% better message clustering, improved context distribution, and proving LSTM to be the best candidate for generating new messages with up to 67.6% valid HTTP packages and 100% valid FTP packages. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.138.118.194

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Kiechle, V.; Börsig, M.; Nitzsche, S.; Baumgart, I. and Becker, J. (2022). PREUNN: Protocol Reverse Engineering using Neural Networks. In Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-553-1; ISSN 2184-4356, SciTePress, pages 345-356. DOI: 10.5220/0010813500003120

@conference{icissp22,
author={Valentin Kiechle. and Matthias Börsig. and Sven Nitzsche. and Ingmar Baumgart. and Jürgen Becker.},
title={PREUNN: Protocol Reverse Engineering using Neural Networks},
booktitle={Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP},
year={2022},
pages={345-356},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010813500003120},
isbn={978-989-758-553-1},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP
TI - PREUNN: Protocol Reverse Engineering using Neural Networks
SN - 978-989-758-553-1
IS - 2184-4356
AU - Kiechle, V.
AU - Börsig, M.
AU - Nitzsche, S.
AU - Baumgart, I.
AU - Becker, J.
PY - 2022
SP - 345
EP - 356
DO - 10.5220/0010813500003120
PB - SciTePress