Open Access

ARTICLE

: A Protocol Message Structure Reconstruction Method Based on Execution Slice Embedding

Yuyao Huang, Hui Shu, Fei Kang*
Key Laboratory of Cyberspace Security, Ministry of Education, Zhengzhou, 450001, China
* Corresponding Author: Fei Kang.

Computers, Materials & Continua https://doi.org/10.32604/cmc.2025.071552

Received 07 August 2025; Accepted 15 October 2025; Published online 18 November 2025

Abstract

Message structure reconstruction is a critical task in protocol reverse engineering, aiming to recover protocol field structures without access to source code. It enables important applications in network security, including malware analysis and protocol fuzzing. However, existing methods suffer from inaccurate field boundary delineation and lack hierarchical relationship recovery, resulting in imprecise and incomplete reconstructions. In this paper, we propose , a novel method for reconstructing protocol field structures based on program execution slice embedding. extracts code slices from protocol parsing at runtime, converts them into embedding vectors using a data flow-sensitive assembly language model, and performs hierarchical clustering to recover complete protocol field structures. Evaluation on two datasets containing 12 protocols shows that achieves an average F1 score of 0.85 and a cophenetic correlation coefficient of 0.189, improving by 19% and 0.126% respectively over state-of-the-art methods (including BPRE, T, N, and QwQ-32B-preview), demonstrating significant superiority in both accuracy and completeness of field structure recovery. Case studies further validate the effectiveness of in practical malware analysis scenarios.

Keywords

Protocol reverse engineering; program slicing; code embedding; hierarchical clustering