公开(公告)号：US20240340298A1

公开(公告)日：2024-10-10

申请号：US18475471

申请日：2023-09-27

Applicant: Huazhong University of Science and Technology

Inventor： Bin YUAN ,  Huan LIU ,  Jiajun REN ,  Qunjinming CHEN ,  Deqing ZOU ,  Hai JIN

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/166

Abstract: A method and system for recognizing TLS fingerprints based on finite-state machines is provided, wherein the system at least includes: a model inference module, for learning state machine models of target TLS implementations according to mapping information sent by a message mapping module; a fingerprint extracting module, for analyzing the state machine models and extracting multi-level fingerprints of the target TLS implementations; and a version recognizing module, for verifying the multi-level fingerprints for validity and/or recognizing version information of unknown TLS implementations. As compared to other network protocol identification systems, the present disclosure can identify and judge fine-grained information such as the specific implementation type and version of the specific TLS implementation. At the same time, the inventive method is highly automated, thereby ensuring good usability and scalability.