Revnivykh A.V., Velizhanin A.S. —
Methods for automated formation of a disassembled listing structure
// Cybernetics and programming.
– 2019. – № 2.
– P. 1 - 16.
DOI: 10.25136/2306-4196.2019.2.28272 URL: https://en.nbpublish.com/library_read_article.php?id=28272
The subject of the research is a method for automatically splitting disassembled code into logical blocks when searching for software vulnerabilities without source code (using a binary file or its equivalent obtained by reverse engineering). The object of the research is existing code analyzers and the features of their functionality. The aim of the study is to consider whether disassembled code can be split into logical blocks automatically, and some of the difficulties this may involve. Formulation of the problem. The complexity of analyzing large software products at the machine-code level makes automation of this process necessary. The research methodology combines theoretical and empirical approaches, using the methods of static and dynamic analysis, comparison, generalization, algorithmization, modeling, and synthesis. Key findings. Splitting the code into blocks by sequential line-by-line analysis of the machine code can in some cases lead to misinterpretation. In addition, analyzing the code by function endings does not guarantee that function boundaries are determined correctly. In general, however, the matrix method can be applied to analyze the dependencies of functions on the code blocks selected in this way. The scientific novelty lies in identifying promising directions for studying software code for vulnerabilities and in the rationale for the approach (building the transition matrix from integer values), which may serve as the initial stage of preparation for automated analysis of disassembled code.
Matrix method, Adjacency matrix, IDA Pro utility, FASM compiler, Disassembling, Code analysis, Vulnerabilities, Information security, Code blocks, Matrix building algorithm