Á¤º¸°úÇÐȸ³í¹®Áö (Journal of KIISE)
Current Result Document : 1 / 6
´ÙÀ½°Ç 
| ÇѱÛÁ¦¸ñ(Korean Title) |
¹«¼± ÇÁ·ÎÅäÄÝ ÀÚµ¿ ºÐ¼®±â ¿¬±¸ ¹× °³¹ß |
| ¿µ¹®Á¦¸ñ(English Title) |
Research and Development of Wireless Protocol Automatic Analyzer |
| ÀúÀÚ(Author) |
¹æ¿ì¸²
Àü¿µ¹è
½É½Å¿ì
±è±¤¼ö
À±Áö¿ø
Woorim Bang
Youngbae Jeon
Shinwoo Shim
Kwangsoo Kim
Ji Won Yoon
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 46 NO. 08 PP. 0852 ~ 0860 (2019. 08) |
Çѱ۳»¿ë
(Korean Abstract) |
ÀÚµ¿ ÇÁ·ÎÅäÄÝ ¿ª°øÇÐÀ̶õ ºñ°ø°³ ÇÁ·ÎÅäÄÝÀÇ Æ÷¸Ë, ÀǹÌ, ÆĶó¹ÌÅ͸¦ ÀÚµ¿ÀûÀ¸·Î ºÐ¼®ÇÏ´Â °ÍÀ» ÀǹÌÇÑ´Ù. ÀÚµ¿ ÇÁ·ÎÅäÄÝ ¿ª°øÇÐÀº ³×Æ®¿öÅ© »ó¿¡¼ À¯Æ÷µÇ´Â ¾Ç¼ºÄڵ带 ŽÁöÇϱâ À§ÇØ »ç¿ëµÇ°Å³ª ÀÚüÀûÀ¸·Î ±Ô¾àÇÑ ÇÁ·ÎÅäÄÝ¿¡ ´ëÇÑ º¸¾È¼º, ÀûÀý¼º °ËÁõÀ» À§ÇØ »ç¿ëµÉ ¼ö ÀÖ´Ù. ±âÁ¸ÀÇ ÀÚµ¿ ÇÁ·ÎÅäÄÝ ¿ª°øÇÐ °ü·Ã ¿¬±¸´Â ÅؽºÆ® ±â¹Ý ÇÁ·ÎÅäÄÝ°ú À¯¼± ÇÁ·ÎÅäÄÝÀ» ´ë»óÀ¸·Î ¸¹ÀÌ ÁøÇàµÇ¾ú´Ù. ¹«¼± ±â±â°¡ Áõ°¡ÇÔ¿¡ µû¶ó, ¹«¼± ÇÁ·ÎÅäÄÝÀ» ´ë»óÀ¸·Î ÇÑ ÇÁ·ÎÅäÄÝ ÀÚµ¿ ºÐ¼®±â ¿¬±¸ÀÇ Çʿ伺ÀÌ Áõ´ëµÇ°í ÀÖ´Ù. µû¶ó¼, º» ³í¹®¿¡¼´Â ¹«¼± ÇÁ·ÎÅäÄÝÀÇ Æ¯¼ºÀ» ¹Ý¿µÇÑ ÇÁ·ÎÅäÄÝ ÀÚµ¿ºÐ¼®±â ¿¬±¸ ¹× °³¹ßÀ» ÁøÇàÇÏ¿´´Ù. ¹«¼± ÇÁ·ÎÅäÄÝ ºÐ¼®À» À§ÇØ º» ¿¬±¸¿¡¼´Â ¹ÙÀ̳ʸ® ´ÜÀ§·Î ¸Þ½ÃÁö¸¦ ºÐ¼®ÇÏ¿´´Ù. À¯»çÇÑ ¸Þ½ÃÁöµé³¢¸® ±ºÁýȸ¦ ¼öÇàÇϱâ À§ÇØ ÆÐŶ ¼öÁý ½Ã°£ °£°Ý¿¡ µû¸¥ °¡ÁßÄ¡¸¦ ºÎ¿©ÇÏ¿© ¸Þ½ÃÁö °Å¸®¸¦ °è»êÇÏ´Â ±â¹ýÀ» Á¦¾ÈÇÑ´Ù. º» ¿¬±¸¿¡¼ Á¦½ÃÇÑ ±â¹ýÀ» ÅëÇØ IEEE 802.11 ÇÁ·ÎÅäÄÝÀ» µû¸£´Â ¸Þ½ÃÁö¸¦ ¼öÁýÇÏ¿© ºÐ¼®ÇÑ °á°ú, 800°³ÀÇ ¸Þ½ÃÁöµé Áß 95.1%ÀÇ ¸Þ½ÃÁöÀÇ Å¸ÀÔÀ» Á¤È®È÷ ºÐ·ùÇس¾ ¼ö ÀÖ¾úÀ¸¸ç, °£°áµµ´Â 3.6 À̾ú´Ù. ±âÁ¸ ÇÁ·ÎÅäÄÝ ÀÚµ¿ ºÐ¼®±âÀÎ NetzobÀ» ÀÌ¿ëÇÏ¿© ºÐ¼®ÇÑ °á°ú Á¤¹Ðµµ´Â 92.1%, °£°áµµ´Â 3.5·Î º» ³í¹®¿¡¼ Á¦¾ÈÇÑ ±â¹ýÀÌ ´õ ÁÁÀº ¼º´ÉÀ» º¸ÀδÙ.
|
¿µ¹®³»¿ë
(English Abstract) |
Automatic Protocol Reverse Engineering (APRE) defines automatic analysis of the format, semantics, and parameters of an unknown protocol. APRE can be used to detect malware that is distributed on the network, or for security and suitability verification of protocols that have been defined own their own. Conventional APRE studies have been conducted mostly on text-based protocols and wired protocols. As the number of wireless devices increases, there is an increasing need for a protocol analyzer for wireless protocols. Therefore, in this paper, research and development of the protocol automatic analyzer were performed by considering the characteristics of the wireless protocols. For the analysis of the wireless protocol, this study analyzed the messages in binary units. We propose a method to calculate the message distance by assigning a weight according to the packet acquisition time interval to perform clustering among similar messages. As a result of collecting and analyzing the messages according to the IEEE 802.11 protocol using the proposed method, we could correctly classify 95.1% message types among 800messages, and the degree of conciseness was 3.6. By using one of the existing APRE tools, Netzob, 92.1% precision was obtained with the conciseness of 3.5. Consequently, the proposed method showed better performance than Netzob.
|
| Å°¿öµå(Keyword) |
¹«¼± ÇÁ·ÎÅäÄÝ
Automatic Protocol Reverse Engineering (APRE)
Needleman-Wunsch ¾Ë°í¸®Áò
Unweighted Pair Group Method with Arithmetic Mean
wireless protocol
Automatic Protocol Reverse Engineering (APRE)
Needleman-Wunsch algorithm
Unweighted Pair Group Method with Arithmetic Mean
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
