Reverse Engineering Network Protocols Using Bioinformatics, presented at Black Hat USA 2005

by Marshall Beddoe

Security Analysis

Summary: Network protocol analysis is currently performed by hand,
using only intuition and a protocol analyzer tool such as tcpdump or
Ethereal. This talk presents Protocol Informatics, a method for
automating network protocol reverse engineering by using algorithms
from the field of bioinformatics. To determine the fields in protocol
packets, samples are aligned using multiple string alignment
algorithms, and their consensus sequences are analyzed to identify
where each field in the packet begins and ends.
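
The alignment-and-consensus idea from the summary, as an added example that is not code from the talk or from Protocol Informatics. It narrows multiple alignment to a single pairwise Needleman-Wunsch alignment; the scoring values, the function names and the two sample messages are assumptions constructed for illustration.

```python
# Added example: pairwise global alignment (Needleman-Wunsch) of two messages.
# Scoring values and the sample messages are assumptions made for this sketch.
MATCH, MISMATCH, GAP = 2, -1, -2

def align(a: bytes, b: bytes):
    """Return a and b as equal-length lists of byte values, None marking a gap."""
    n, m = len(a), len(b)
    score = [[0] * (m + 1) for _ in range(n + 1)]
    for i in range(1, n + 1):
        score[i][0] = i * GAP
    for j in range(1, m + 1):
        score[0][j] = j * GAP
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            sub = MATCH if a[i - 1] == b[j - 1] else MISMATCH
            score[i][j] = max(score[i - 1][j - 1] + sub,
                              score[i - 1][j] + GAP,
                              score[i][j - 1] + GAP)
    # Trace back from the bottom-right cell; ties prefer a gap in b.
    out_a, out_b, i, j = [], [], n, m
    while i > 0 or j > 0:
        if i > 0 and score[i][j] == score[i - 1][j] + GAP:
            out_a.append(a[i - 1]); out_b.append(None); i -= 1
        elif i > 0 and j > 0 and score[i][j] == score[i - 1][j - 1] + (
                MATCH if a[i - 1] == b[j - 1] else MISMATCH):
            out_a.append(a[i - 1]); out_b.append(b[j - 1]); i -= 1; j -= 1
        else:
            out_a.append(None); out_b.append(b[j - 1]); j -= 1
    return out_a[::-1], out_b[::-1]

def consensus(x, y):
    """Per column: C = same byte, V = different byte, - = gap in one sample."""
    return "".join("-" if p is None or q is None else "C" if p == q else "V"
                   for p, q in zip(x, y))

def fields(mask):
    """Split the consensus into runs: (class, start, end) candidate fields."""
    runs, start = [], 0
    for k in range(1, len(mask) + 1):
        if k == len(mask) or mask[k] != mask[start]:
            runs.append((mask[start], start, k))
            start = k
    return runs

# Constructed samples of a made-up protocol: magic, version, length, name, CRLF.
SAMPLE_A = b"PKT\x01\x05alice\r\n"
SAMPLE_B = b"PKT\x01\x03bob\r\n"

if __name__ == "__main__":
    mask = consensus(*align(SAMPLE_A, SAMPLE_B))
    print(mask, fields(mask))
```

The conserved runs at either end of the consensus correspond to the constant header and the CRLF trailer, while the variable and gapped columns between them mark where a changing, variable-length field sits.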