Affiliation:
1. College of Information Engineering, Shenyang University of Chemical Technology, Shenyang 110142, China
2. Key Laboratory of Information Security for Petrochemical Industry in Liaoning Province, Shenyang 110142, China
Abstract
The security of industrial control systems relies on the communication and data exchange capabilities provided by industrial control protocols, which can be complex and may even use encryption. Reverse engineering these protocols has become an important topic in industrial security research. In this paper, we present PREIUD, a reverse engineering tool for industrial control protocols, based on unsupervised learning and deep neural network methods. The reverse engineering process is divided into stages. First, we use the bootstrap voting expert algorithm to infer the keyword segment boundaries of the protocols, considering the symmetry properties. Then, we employ a bidirectional long short-term memory conditional random field with an attention mechanism to classify the protocols and extract their format and semantic features. We manually constructed data sample sets for six commonly used industrial protocols and used them to train and test our model, comparing its performance to two advanced protocol reverse engineering tools, MSERA and Discoverer. Our results showed that PREIUD achieved an average accuracy improvement of 7.4% compared to MSERA, and 15.4% compared to Discoverer, while also maintaining a balance between computational conciseness and efficiency. Our approach represents a significant advancement in the field of industrial control protocol reverse engineering, and we believe it has practical implications for securing industrial control systems.
Funder
LiaoNing Revitalization Talents Program
Subject
Physics and Astronomy (miscellaneous), General Mathematics, Chemistry (miscellaneous), Computer Science (miscellaneous)
Cited by
9 articles.