Abstract: Consultative Committee for Space Data System (CCSDS) protocol is the mainstream of international space-ground link standard for space communication. The reversing of unknown CCSDS protocol can be used in at least two areas: one is to analyze the unknown communication traffics; the other is to detect and analyze the network attack aiming at space station as well as other space entities which are networked for international space co-operation. Thus, a computer aided analytical system was designed to reverse unknown protocol based on CCSDS protocol standard framework, and the system included the architecture design and the workflow design. Moreover, to solve the problem of telegram clustering efficiency of iterative phylogenetic tree of unknown protocol in the workflow, an improved algorithm, called Feedback Dynamic Relaxation Factor-Affinity Propagation (FDRF-AP), was given to solve the unknown communication protocol reversing problem. The simulation results indicate that the algorithm enhances the efficiency of protocol reversing engineering.

Key words: Consultative Committee for Space Data System (CCSDS) protocol, protocol reversing engineering, unknown protocol, affinity propagation clustering, space-ground link

摘要： 空间数据系统咨询委员会(CCSDS)标准协议是国际主流的空间天地链路通信协议,面向CCSDS协议的未知协议逆向工程,可以对卫星天地链路中的未知通信流进行行为分析,也有助于发现和分析针对空间站等国际联网实体的攻击。设计了一种CCSDS协议框架下的未知协议逆向工程分析系统,主要包括系统的架构设计和流程设计。针对该流程中未知协议会话报文字段的迭代式进化树聚类所导致的算法开销过大问题,提出了一种基于反馈型动态豫迟因子的仿射传播聚类算法。仿真实验结果表明,该算法相比通常的非权算术平均聚类算法可以有效提高针对未知协议的逆向工程效率。

关键词: 空间数据系统咨询委员会(CCSDS)协议, 协议逆向工程, 未知协议, 仿射传播聚类, 天地链路