Date Added: Aug 2010
Automatic inspection of network payloads is a prerequisite for effective analysis of network communication. Security research has largely focused on network analysis using protocol specifications, for example for intrusion detection, fuzz testing and forensic analysis. The specification of a protocol alone, however, is often not sufficient for accurate analysis of communication, as it fails to reflect individual semantics of network applications. The authors propose a framework for semantics-aware analysis of network payloads which automatically extracts semantics-aware components from recorded network traffic.