计算机应用 ›› 2014, Vol. 34 ›› Issue (1): 23-26.DOI: 10.11772/j.issn.1001-9081.2014.01.0023

• 网络与通信 • 上一篇    下一篇

面向CCSDS协议的未知协议逆向工程

侯重远1,焦皎2,朱磊2   

  1. 1. 宇航动力学国家重点实验室(西安卫星测控中心),西安 710043;
    2. 解放军理工大学 通信工程学院,南京 210007
  • 收稿日期:2013-05-24 修回日期:2013-08-05 出版日期:2014-01-01 发布日期:2014-02-14
  • 通讯作者: 侯重远
  • 作者简介:侯重远(1982-),男,陕西西安人,工程师,博士,主要研究方向:天地链路逆向工程;焦皎(1984-),女,江苏常熟人,助理工程师,硕士研究生,主要研究方向:通信协议逆向工程;朱磊(1973-),男,江苏南京人,教授,博士,主要研究方向:通信协议逆向工程。

Unknown protocol reversing engineering for CCSDS protocol

HOU Zhongyuan1,JIAO Jiao2,ZHU Lei2   

  1. 1. State Key Laboratory of Astronautics Dynamic (Xi'an Satellite Control Center), Xi'an Shaanxi 710043, China;
    2. College of Communication Engineering, PLA University of Science and Technology, Nanjing Jiangsu 210007, China
  • Received:2013-05-24 Revised:2013-08-05 Online:2014-01-01 Published:2014-02-14
  • Contact: HOU Zhongyuan

摘要: 空间数据系统咨询委员会(CCSDS)标准协议是国际主流的空间天地链路通信协议,面向CCSDS协议的未知协议逆向工程,可以对卫星天地链路中的未知通信流进行行为分析,也有助于发现和分析针对空间站等国际联网实体的攻击。设计了一种CCSDS协议框架下的未知协议逆向工程分析系统,主要包括系统的架构设计和流程设计。针对该流程中未知协议会话报文字段的迭代式进化树聚类所导致的算法开销过大问题,提出了一种基于反馈型动态豫迟因子的仿射传播聚类算法。仿真实验结果表明,该算法相比通常的非权算术平均聚类算法可以有效提高针对未知协议的逆向工程效率。

关键词: 空间数据系统咨询委员会(CCSDS)协议, 协议逆向工程, 未知协议, 仿射传播聚类, 天地链路

Abstract: Consultative Committee for Space Data System (CCSDS) protocol is the mainstream of international space-ground link standard for space communication. The reversing of unknown CCSDS protocol can be used in at least two areas: one is to analyze the unknown communication traffics; the other is to detect and analyze the network attack aiming at space station as well as other space entities which are networked for international space co-operation. Thus, a computer aided analytical system was designed to reverse unknown protocol based on CCSDS protocol standard framework, and the system included the architecture design and the workflow design. Moreover, to solve the problem of telegram clustering efficiency of iterative phylogenetic tree of unknown protocol in the workflow, an improved algorithm, called Feedback Dynamic Relaxation Factor-Affinity Propagation (FDRF-AP), was given to solve the unknown communication protocol reversing problem. The simulation results indicate that the algorithm enhances the efficiency of protocol reversing engineering.

Key words: Consultative Committee for Space Data System (CCSDS) protocol, protocol reversing engineering, unknown protocol, affinity propagation clustering, space-ground link

中图分类号: