摘要： 基于报文序列分析的协议逆向方法在自动化分析过程中缺乏对人工知识的引入。为此，提出一种半自动协议逆向方法。通过人工输入的方式，将先验知识加入到报文分析中，用于指导报文的语义推断，并对分析结果进行人工纠正。实验结果表明，该方法能提高报文分析的效率和准确率。

关键词: 协议逆向工程, 人工知识, 先验知识, 人工纠正, 语义推断, 语义验证

Abstract: Protocol reverse methods based on message sequence analysis are all automatic and lack of considering the human knowledge in the automatic analysis. This paper presents a semiautomatic method, which makes use of human knowledge. This method brings the prior knowledge into the process of analysis via manual input, which can induct the semantic inference of the samples in some degree. It can also correct the result of analysis manually. Experimental results show that this method not only can improve the efficiency, but also can increase the accuracy of analysis obviously.

Key words: protocol reverse engineering, human knowledge, priori knowledge, artificial correction, semantic inference, semantic verification

中图分类号: 

• TP393.08