Research on a cluster system for binary data frames of wireless sensor network

As the development of network became more complex, protocol reverse engineering has attracted increasing attention and widely applied in intrusion detection, vulnerability discovery, and electronic countermeasures. To separate the obtained binary data frames under complex wireless network environment so as to provide prerequisite for the following reverse protocol analysis, cluster system of complex protocol suites was implemented. First, AC algorithm was utilized to mine the frequent sequence characteristics in binary data frames. Then Apriori algorithm was employed innovatively to analyze the association relationships between these characteristics. In addition, combining with the features of binary frames, the results were conducted by four-step pruning. Finally, the selected characteristics were applied for cluster by the improved K-means algorithm. Results indicated that: the clustering effect of the system for binary protocol data frames is favorable. Meanwhile, as for the multilayer protocol suites with TYPE fields, the system is able to further distinguish the hierarchical relations between multiple protocols.