Patent · US Active

Automatic parsing of binary-based application protocols using network traffic

US10218598B2 · kind B2 · utility

Cited by: 1
References: 0
Claims: 17
Family size: 0

Assignee

Inventors

Key dates

Filing date: Sep 21, 2016
Grant date: Feb 26, 2019
Priority date
Expiry date: Aug 10, 2037

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L69/00
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

A method for analyzing a binary-based application protocol of a network. The method includes obtaining conversations from the network, extracting content of a candidate field from a message in each conversation, calculating a randomness measure of the content to represent a level of randomness of the content across all conversations, calculating a correlation measure of the content to represent a level of correlation, across all of the conversations, between the content and an attribute of a corresponding conversation where the message containing the candidate field is located, and selecting, based on the randomness measure and the correlation measure, and using a pre-determined field selection criterion, the candidate offset from a set of candidate offsets as the offset defined by the protocol.
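The following sketch is an added illustration of the scoring loop the abstract describes; it is not code from the patent. It assumes Shannon entropy as the randomness measure, Pearson correlation with message length as the correlation measure, a selection criterion aimed at finding a length field, and a made-up protocol layout for the constructed sample messages.

```python
import math
from collections import Counter

def entropy(values):
    """Randomness measure (assumed): Shannon entropy in bits across conversations."""
    n = len(values)
    return -sum(c / n * math.log2(c / n) for c in Counter(values).values())

def pearson(xs, ys):
    """Correlation measure (assumed): Pearson r; 0.0 when either series is constant."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    if sxx == 0 or syy == 0:
        return 0.0
    return sum((x - mx) * (y - my) for x, y in zip(xs, ys)) / math.sqrt(sxx * syy)

def score_offsets(messages, width=2):
    """Return {offset: (randomness, |correlation with message length|)}."""
    lengths = [len(m) for m in messages]
    scores = {}
    for off in range(min(lengths) - width + 1):
        vals = [int.from_bytes(m[off:off + width], "big") for m in messages]
        scores[off] = (entropy(vals), abs(pearson(vals, lengths)))
    return scores

def select_length_offset(messages, width=2, min_corr=0.99):
    """Assumed criterion: a non-constant field whose value best tracks message length."""
    scores = score_offsets(messages, width)
    hits = [(c, off) for off, (h, c) in scores.items() if h > 0 and c >= min_corr]
    return max(hits)[1] if hits else None

# Constructed sample: first message of six conversations in a made-up protocol:
# magic(2) | session id(2) | total length(2, big-endian) | payload
def build(session_id, payload):
    total = 6 + len(payload)
    return b"\xab\xcd" + session_id + total.to_bytes(2, "big") + payload

MESSAGES = [
    build(b"\x91\x3e", b"\x07" * 3),
    build(b"\x04\xb7", b"\xf2" * 10),
    build(b"\xd2\xc0", b"\x33" * 17),
    build(b"\x3a\x15", b"\x9c" * 40),
    build(b"\x7f\xe9", b"\xe1" * 5),
    build(b"\x5a\x62", b"\x48" * 29),
]

if __name__ == "__main__":
    print(select_length_offset(MESSAGES), score_offsets(MESSAGES))
```

The constant magic bytes score zero randomness, the session id scores high randomness with weak correlation, and only the true length field at offset 4 combines non-zero randomness with a correlation of 1. The window at offset 5, which overlaps the low length byte, also clears the threshold but ranks below offset 4, which is why the criterion takes the maximum rather than the first hit.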

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.