Review Article
A Survey of Automatic Protocol Reverse Engineering Approaches, Methods, and Tools on the Inputs and Outputs View
Table 4
Approaches that focus on neither reverse engineering general PFs nor PFSMs.
| | Approach, method, tool, or author | Year | Input format | Special remarks | | NetT | ExeT |
| | ScriptGen [29] | 2005 | ○ | | Dialogs/scripts | | RolePlayer [30] | 2006 | ○ | | Dialogs/scripts | | Ma et al. [31] | 2006 | ○ | | App-identification | | Boosting [32] | 2008 | ○ | | Field(s) | | Dispatcher [6] | 2009 | | ○ | C&C malware | | ASAP [33] | 2011 | ○ | | Semantics | | Dispatcher2 [34] | 2013 | | ○ | C&C malware | | ProVeX [35] | 2013 | ○ | | Signatures | | PIP [36] | 2014 | ○ | | Keywords/ fields | | FieldHunter [37] | 2015 | ○ | | Fields | | RS Cluster [38] | 2015 | ○ | | Grouped-messages | | UPCSS [39] | 2015 | ○ | | Proto-classification | | PowerShell [40] | 2017 | ○ | | Dialogs/scripts | | ProPrint [41] | 2017 | ○ | | Fingerprints | | ProHacker [42] | 2017 | ○ | | Keywords |
|
|
