
Automated Analysis Method of Cipher Mechanisms in Software Based on Data Flow
Abstract: The automated reverse analysis of cipher mechanisms in software plays an important role in software vulnerability discovery, malware analysis and recovery of protocols. To solve the problems of incompleteness and poor readability in current methods, an automated analysis method of cipher mechanisms based on data flow is presented to analyze the cipher mechanisms in software. Dynamic binary instrumentation is used to obtain the information of API calls during the running process of software, from which the software behaviors related to cryptography are defined and identified. Furthermore, the cipher mechanisms in software are restored automatically from both the graphical and the semantic perspective, according to the data flow relationship between the software behaviors. The experimental results show that the method analyzes the cipher mechanisms in software automatically and efficiently, and detects potential security vulnerabilities.
Authors: 黄宇垚, 光焱, 杨巨, 康绯 (HUANG Yuyao; GUANG Yan; YANG Ju; KANG Fei), Information Engineering University, Zhengzhou 450001, China
Affiliation: Information Engineering University
Source: Journal of Information Engineering University (《信息工程大学学报》), 2021, No. 2, pp. 191-199 (9 pages)
Funding: Supported by the National Key Research and Development Program (2016YFB08011601).
Keywords: cipher mechanisms; semantic analysis; data flow; software behavior