Reverse engineering of unknown communication protocols is of great significance in network security, but existing methods are limited to analyzing plaintext protocols. This paper therefore proposes a reverse-analysis method for encrypted communication protocols based on dynamic taint analysis. Supported by the dynamic binary instrumentation platform Pin, it traces and records the program's instruction trace, uses data-flow analysis to build instruction-level and function-level taint propagation graphs, then locates the decrypted plaintext of data packets according to the characteristics of the decryption process, and finally parses the format of the protocol plaintext. Experiments show that the method can accurately locate the decrypted plaintext of encrypted protocol data and restore the original format of the encrypted protocol.
Research on unknown network protocol reverse engineering is of great significance in many network security applications. However, current methods are all limited to analyzing plaintext protocols. This paper proposes a method of encrypted protocol reverse engineering based on dynamic taint analysis. The method uses Pin to record the executed instructions, and then conducts an offline analysis of the data dependencies to build two taint propagation graphs, at the instruction level and at the function level. Then, according to the features of the decryption process, the decrypted plaintext can be located, and from it the format of the protocol can be parsed. Experiments show that the method can accurately locate the decrypted protocol data and restore the original format.
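The offline part of the pipeline, as an added illustration that is not the paper's own implementation: a constructed Pin-style instruction trace is replayed once to propagate taint from received bytes, build instruction-level and function-level propagation graphs, and then locate the decrypted buffer. The trace, the function names, and the decryption feature used here (tainted memory written by one function and then read by a different one) are assumptions of this example, not details given by the abstract.

```python
from collections import defaultdict

# Constructed Pin-style trace: (function, instr_id, destination, source operands).
# Operands are memory addresses (int) or registers (str). Assumption: recv() is the
# taint source and stores the 4 received ciphertext bytes at 0x1000..0x1003.
TRACE = [
    ("recv", 1, 0x1000, []), ("recv", 2, 0x1001, []),
    ("recv", 3, 0x1002, []), ("recv", 4, 0x1003, []),
    ("main", 5, "ebx", []),                       # key byte from a constant: untainted
    ("decrypt", 6, "eax", [0x1000]), ("decrypt", 7, "eax", ["eax", "ebx"]), ("decrypt", 8, 0x2000, ["eax"]),
    ("decrypt", 9, "eax", [0x1001]), ("decrypt", 10, "eax", ["eax", "ebx"]), ("decrypt", 11, 0x2001, ["eax"]),
    ("decrypt", 12, "eax", [0x1002]), ("decrypt", 13, "eax", ["eax", "ebx"]), ("decrypt", 14, 0x2002, ["eax"]),
    ("decrypt", 15, "eax", [0x1003]), ("decrypt", 16, "eax", ["eax", "ebx"]), ("decrypt", 17, 0x2003, ["eax"]),
    ("parse", 18, "ecx", [0x2000, 0x2001]),       # parser reads a 2-byte field of the plaintext
    ("parse", 19, "edx", [0x2002, 0x2003]),
    ("log", 20, 0x3000, ["edx"]),                 # a derived value copied elsewhere
]
SOURCE_FUNC = "recv"   # assumption: the function whose writes seed the taint

def propagate(trace, source_func=SOURCE_FUNC):
    """Replay the trace once. Returns (instr_graph, func_graph, writer, reads):
    instr_graph[i] = instruction ids that consume tainted data produced by i,
    func_graph[f]  = functions that consume tainted data produced by f,
    writer[loc]    = (function, instr_id) of the last tainted write to loc,
    reads[loc]     = functions that read loc while it was tainted."""
    writer, reads = {}, defaultdict(set)
    instr_graph, func_graph = defaultdict(set), defaultdict(set)
    for func, iid, dst, srcs in trace:
        tainted = [s for s in srcs if s in writer]
        if func == source_func and not srcs:      # taint seed: network bytes entering memory
            writer[dst] = (func, iid)
        elif tainted:                             # data flow: any tainted source taints dst
            for s in tainted:
                src_func, src_iid = writer[s]
                instr_graph[src_iid].add(iid)
                reads[s].add(func)
                if src_func != func:
                    func_graph[src_func].add(func)
            writer[dst] = (func, iid)
        else:
            writer.pop(dst, None)                 # overwritten with clean data: untaint
    return instr_graph, func_graph, writer, reads

def locate_plaintext(trace, source_func=SOURCE_FUNC):
    """Decryption feature assumed here: the plaintext is tainted memory written by a
    function other than the source and later read by a different function (the parser)."""
    _, _, writer, reads = propagate(trace, source_func)
    return sorted(loc for loc, (wfunc, _) in writer.items()
                  if isinstance(loc, int) and wfunc != source_func and reads[loc] - {wfunc})
```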