REVERSE AUTOMATED ANALYSIS OF APT TROJAN NETWORK PROTOCOL

Siyuan Pan, Yijun Wang, Zhi Xue, Xiang Lin
DOI: https://doi.org/10.3969/j.issn.1000-386x.2018.04.058
2018-01-01
Abstract: With the increasing demand for network security, the requirements for analyzing remote control Trojans used in APT attacks are also constantly increasing. Correspondingly, various methods and tools for analyzing unknown network protocols have appeared. In this paper, we introduce several existing methods for reverse engineering unknown network protocols and draw on their advantages. We propose an improved method for APT Trojan network protocols based on message data tokenization, multiple sequence alignment, and agglomerative hierarchical clustering.