SeMiner: Side-Information-Based Semantics Miner for Proprietary Industrial Control Protocols

Bibliographic Details
Published in: IEEE Internet of Things Journal, Vol. 9, no. 22, pp. 22796-22810
Main Authors: Cai, Jun; Zhong, Weijian; Luo, Jianzhen
Format: Journal Article
Language: English
Published: Piscataway, IEEE, 15.11.2022
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Summary: Industrial control protocols (ICPs) are critical for Industrial Internet of Things to achieve interconnection and interaction between the industrial devices. To fully understand a large number of nonstandard and proprietary ICPs, protocol reverse engineering (PRE) techniques are commonly used to reconstruct the ICP specifications. However, existing PRE tools face difficulties in inferring the ICP semantics. Accordingly, this article proposes SeMiner as an ICP semantics analysis framework to achieve the packet field identification, protocol semantics inference, and behavior semantics modeling. Based on the collected graphical side information about the industrial processes, a series of semantic channels is identified using image processing techniques, and a modified Apriori algorithm is used to extract the frequent patterns of each semantic channel. Afterward, a heuristic method based on sequence alignment is designed to simultaneously identify the set of relevant packets and the position of packet fields relevant to the semantic channels. Finally, relying on the packet field semantics, the behavior semantics of industrial processes are modeled and the association rules between the semantic channels are extracted. Thorough experimental results reported herein verify the effectiveness of SeMiner and show the superior performance of SeMiner compared with several other state-of-the-art algorithms.
ISSN: 2327-4662
DOI: 10.1109/JIOT.2022.3185649