Review Article
A Survey of Automatic Protocol Reverse Engineering Approaches, Methods, and Tools on the Inputs and Outputs View
Table 4
Approaches that focus on neither reverse engineering general PFs nor PFSMs.
| Approach, method, tool, or author | Year | Input format | Special remarks | NetT | ExeT |
| ScriptGen [29] | 2005 | ○ | | Dialogs/scripts | RolePlayer [30] | 2006 | ○ | | Dialogs/scripts | Ma et al. [31] | 2006 | ○ | | App-identification | Boosting [32] | 2008 | ○ | | Field(s) | Dispatcher [6] | 2009 | | ○ | C&C malware | ASAP [33] | 2011 | ○ | | Semantics | Dispatcher2 [34] | 2013 | | ○ | C&C malware | ProVeX [35] | 2013 | ○ | | Signatures | PIP [36] | 2014 | ○ | | Keywords/ fields | FieldHunter [37] | 2015 | ○ | | Fields | RS Cluster [38] | 2015 | ○ | | Grouped-messages | UPCSS [39] | 2015 | ○ | | Proto-classification | PowerShell [40] | 2017 | ○ | | Dialogs/scripts | ProPrint [41] | 2017 | ○ | | Fingerprints | ProHacker [42] | 2017 | ○ | | Keywords |
|
|