Table 8: Four divisions of reverse engineered or analyzed protocols by approaches that do not directly focus on reverse engineering PFs or PFSMs.

Approach, method, tool, or authorProtocols analyzed or reverse engineered
TextBinaryHybridOthers (unknown/undocumented)

ScriptGen [29]HTTPNetBiosNoneDCE
RolePlayer [30]NFS, FTP, HTTP, SMTP, TFTPDNSSMB, CIFSNone
Ma et al. [31]FTP, SMTP, HTTP, HTTPS (TCP-Protos)DNS, NetBIOS, SrvLoc (UDP-Protos)NoneNone
Boosting [32]NoneDNSNoneNone
Dispatcher [6]HTTP, FTP, ICQDNSNoneNone
ASAP [33]HTTP, FTP,
IRC, TFTP
NoneNoneNone
Dispatcher2 [34]HTTP, FTP, ICQDNSSMBNone
ProVeX [35]HTTP, SMTP, IMAPDNS, VoIP, XMPPNoneMalware Family Protocols
PIP [36]HTTPNoneNoneNone
FieldHunter [37]MSNPDNSNoneSopCast, Ramnit
RS Cluster [38]HTTPS, POP3, SMTP, FTPDNS, XunLei, BitTorrent, BitSpirit, QQ, eMuleNoneMSSQL, Kugoo, PPTV
UPCSS [39]IMAP, HTTP, SMTP, FTP, POP3DNS, SSL, SSHSMBNone
PowerShell [40]NoneARP, OSPF, DHCP, STPNoneCDP/DTP/VTP, HSRP, LLDP, LLMNR, mDNS, NBNS, VRRP