How far an Evolutionary Approach can go for Protocol State Analysis and Discovery

Created by W.Langdon from gp-bibliography.bib Revision:1.4333

  article_id =   "1491",
  author =       "Patrick LaRoche and Aimee Burrows and 
                 A. Nur Zincir-Heywood",
  title =        "How far an Evolutionary Approach can go for Protocol
                 State Analysis and Discovery",
  booktitle =    "2013 IEEE Conference on Evolutionary Computation",
  volume =       "1",
  year =         "2013",
  month =        jun # " 20-23",
  editor =       "Luis Gerardo {de la Fraga}",
  pages =        "3228--3235",
  address =      "Cancun, Mexico",
  keywords =     "genetic algorithms, genetic programming",
  DOI =          "doi:10.1109/CEC.2013.6557965",
  size =         "9 pages",
  abstract =     "Securing today's computer networks requires numerous
                 technologies to constantly be developed, refined and
                 challenged. One area of research aiding in this process
                 is that of protocol analysis, the study of the methods
                 with which networks communicate. Our specific area of
                 interest, the interaction with different protocol
                 implementations, is a crucial component of this domain.
                 Our work aims to identify and highlight a protocols
                 states and state transitions, while minimising the
                 required a priori knowledge known about the protocol
                 and its different versions (implementations). To this
                 end, our approach uses a Genetic Programming (GP) based
                 technique in order to analyse a client or a server of a
                 given protocol via interacting with it with minimum a
                 priori information. We evaluate our system against
                 another well-known system from the literature on two
                 different protocols, namely Dynamic Host Configuration
                 Protocol (DHCP) and File Transfer Protocol (FTP). We
                 measure the performances of these two systems in terms
                 of the similarities and differences seen in the state
                 diagrams produced for the protocols under testing.
                 Results show that, by using our approach, it is
                 possible to identify the different versions of a given
  notes =        "CEC 2013 - A joint meeting of the IEEE, the EPS and
                 the IET.",

Genetic Programming entries for Patrick LaRoche Aimee Burrows Nur Zincir-Heywood