Just saw Netzob on free(code) today. It looks like it combines protocol format recovery (vocabulary) and control flow recovery as automaton. They use grammar inference (specifically Angluin L*) to generate a modified Mealy machine. Very cool! I previously did some work inferring protocol control flow as FSM using a few GI algorithms. I’m off to the netzob code repository to have a look…
No comments:
Post a Comment