Рус Eng During last 365 days Approved articles: 2016,   Articles in work: 300 Declined articles: 794 
Library

Back to contents

Cybernetics and programming
Reference:

Methods for automated formation of a disassembled listing structure
Revnivykh Aleksandr Vladimirovich

PhD in Technical Science

Associate Professor, Department of Information Security, Novosibirsk State University of Economics and Management 

630099, Russia, Novosibirskaya oblast', g. Novosibirsk, ul. Kamenskaya, 56

al.revnivykh@mail.ru
Другие публикации этого автора
 

 
Velizhanin Anatolii Sergeevich

Specialist, Tyumen Industrial University

625000, Russia, Tyumenskaya oblast', g. Tyumen', ul. Volodarskogo, 38

anatoliy.velizhanin@gmail.com
Другие публикации этого автора
 

 

Abstract.

The subject of the research is the method of splitting a disassembled code into logical blocks in automatic mode, searching for software vulnerabilities without using source code (using a binary file or its equivalent, obtained by reverse engineering).The object of the research is the existing code analyzers and features of their functionality.The aim of the study is to consider the possibility of splitting a disassembled code into logical blocks in automatic mode and some of the possible difficulties associated with this.Formulation of the problem. The complexity of analyzing large software products at the level of machine code necessitates the automation of this process. The research methodology is based on a combination of theoretical and empirical approaches using the methods of static and dynamic analysis, comparison, generalization, algorithmization, modeling, synthesis. Key findings. Splitting the code into blocks by sequential in line-by-line analysis of machine code in some cases can lead to misinterpretation. In addition, the analysis of the code according to the conclusions of the functions also does not guarantee the correctness of the determination of the boundaries of the functions. However, in general, the matrix method can be applied to analyze the dependencies of functions on the blocks of code thus selected.The scientific novelty is connected with the determination of promising vectors for the study of software code for vulnerability, the rationale for the approach (building the transition matrix from integer values), which may be the initial stage of preparation for the automated analysis of the disassembled code.

Keywords: Matrix method, Adjacency matrix, IDA Pro utility, FASM compiler, Disassembling, Code analyses, Vulnerabilities, Information security, Code blocks, Matrix building algorithm

DOI:

10.25136/2306-4196.2019.2.28272

Article was received:

14-12-2018


Review date:

22-12-2018


Publish date:

25-12-2018


This article written in Russian. You can find full text of article in Russian here .

References
1.
Revnivykh A. V. Monitoring informatsionnoi infrastruktury organizatsii / A. V. Revnivykh, A. M. Fedotov // Vestnik NGU. Ser.: Informatsionnye tekhnologii. — 2013. — T. 11. — № 4. — S. 84–91. ISSN 1818-7900. URL: https://nsu.ru/xmlui/bitstream/handle/nsu/1295/2013_V11_N4_8.pdf.
2.
Primenenie kompilyatornykh preobrazovanii dlya protivodeistviya ekspluatatsii uyazvimostei programmnogo obespecheniya / A. R. Nurmukhametov [i dr.] // Trudy instituta sistemnogo programmirovaniya RAN. — 2014. — T. 26. — №
3.
S. 113-124. ISSN 2079-8156. 3.Otsenka kritichnosti programmnykh defektov v usloviyakh raboty sovremennykh zashchitnykh mekhanizmov /A. N. Fedotov [i dr.] // Trudy instituta sistemnogo programmirovaniya RAN. — 2016. — T. 28. — № 5. — S. 73–92. DOI: 10.15514/ISPRAS-2016-28(5)-4
4.
Mukhanova A. A. Klassifikatsiya ugroz i uyazvimostei informatsionnoi bezopasnosti v korporativnykh sistemakh / A. A. Mukhanova, A. V Revnivykh, A. M Fedotov // Vestnik NGU. Ser.: Informatsionnye tekhnologii. — 2013. — T. 11. — № 2. — S. 55-72. ISSN 1818-7900.
5.
Revnivykh A. V. Politiki obnovleniya resursov v informatsionnykh sistemakh / A. V. Revnivykh, A. M. Fedotov // Vestnik NGU. Ser.: Informatsionnye tekhnologii. — 2013. — T. 11. — № 2. —S. 82–105. ISSN 1818-7900.
6.
Fedotov A. N. Postroenie predikatov bezopasnosti dlya nekotorykh tipov programmnykh defektov / A. N. Fedotov [i dr.] // Trudy instituta sistemnogo programmirovaniya RAN. — 2017. — T. 29. — № 6. — S. 151–162. ISSN 2079-8156. DOI: 10.15514/ISPRAS-2017-29(6)-8.
7.
Nadezhdin E.N. Analiz uyazvimostei programmnogo obespecheniya pri proektirovanii mekhanizma integrirovannoi zashchity korporativnoi informatsionnoi sistemy / E.N. Nadezhdin, E.I. Shchiptsova, T.L. Shershakova. // Sovremennye naukoemkie tekhnologii. — 2017. — № 10. — S. 32–38. ISSN 1812-7320. URL: http://www.top-technologies.ru/ru/article/view?id=36824
8.
Satton M. Fuzzing: issledovanie uyazvimostei metodom gruboi sily / M. Satton, A. Grin, P. Amini. — SPb.-M.: Simvol-Plyus, 2009. — 560 s. ISBN: 978-5-93286-147-9.
9.
Velizhanin A. S. Evristicheskii metod poiska uyazvimostei v PO bez ispol'zovaniya iskhodnogo koda / A. S. Velizhanin, A. V. Revnivykh // XIV Rossiiskaya konferentsiya s mezhdunarodnym uchastiem "Raspredelennye informatsionnye i vychislitel'nye resursy" (DICR-2012). ISBN 978-5-905569-05-0. 26 noyabrya-30 noyabrya 2012, Novosibirsk. URL: http://conf.ict.nsc.ru/files/conferences/dicr2012/fulltext/140768/141800/%D0%A0%D0%B5%D0%B2%D0%BD%D0%B8%D0%B2%D1%8B%D1%85%20%20%D0%AD%D0%B2%D1%80%D0%B8%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BC%D0%B5%D1%82%D0%BE%D0%B4.pdf
10.
Blagodarenko A. V. Razrabotka metoda, algoritmov i programm dlya avtomaticheskogo poiska uyazvimostei programmnogo obespecheniya v usloviyakh otsutstviya iskhodnogo koda: dissertatsiya ... kandidata tekhnicheskikh nauk: 05.13.19 / A. V. Blagodarenko; [Mesto zashchity: Yuzh. feder. un-t]. — Taganrog, 2011. — 140 s.: il. OD 61 12-5/251.
11.
Shudrak M. O. Avtomatizirovannyi poisk uyazvimostei v binarnom kode / M. O. Shudrak, T. S. Kheirkhabarov // Reshetnevskie chteniya: materialy XVI Mezhdunar. nauch. konf., posvyashch. pamyati gener. konstruktora raket.-kosmich. sistem akad. M. F. Reshetneva (7–9 noyab. 2012, g. Krasnoyarsk): v 2 ch. / pod obshch. red. Yu. Yu. Loginova; Sib. gos. aerokosmich. un-t. — Krasnoyarsk, 2012. — Ch. 2. — S. 691–692.
12.
Voropaev D. P. Issledovanie programmnykh uyazvimostei v komp'yuternykh sistemakh i analiz primenyaemogo programmnogo obespecheniya dlya provedeniya atak na vychislitel'nuyu sistemu / D. P. Voropaev, I. A. Zaugolkov // Vestnik TGU. — 2014. — T. 19. — № 2. S. — 637–638. ISSN 1810-0198. URL: https://cyberleninka.ru/article/v/issledovanie-programmnyh-uyazvimostey-v-kompyuternyh-sistemah-i-analiz-primenyaemogo-programmnogo-obespecheniya-dlya-provedeniya-atak
13.
Mironov S. V. Tekhnologii kontrolya bezopasnosti avtomatizirovannykh sistem na osnove strukturnogo i povedencheskogo testirovaniya programmnogo obespecheniya / S. V.Mironov, G. V. Kulikov // Kibernetika i programmirovanie. — 2015. — № 5. — S.158–172. ISSN 2306-4196. DOI: 10.7256/2306-4196.2017.1.20351
14.
Nepomnyashchikh A. V., Kulikov G. V., Sosnin Yu. V., Nashchekin P. A. Metody otsenivaniya zashchishchennosti informatsii v avtomatizirovannykh sistemakh ot nesanktsionirovannogo dostupa // Voprosy zashchity informatsii. — 2014. — № 1 (104). — S. 3–12. ISSN 2073-2600.
15.
Fedotov A. N. Metod otsenki ekspluatiruemosti programmnykh defektov // Trudy instituta sistemnogo programmirovaniya RAN. — 2016. — T. 28. — № 4. — S. 137–148. ISSN 2079-8156. DOI: 10.15514/ISPRAS-2016-28(4)-8.
16.
Metod poiska uyazvimosti formatnoi stroki / I. A. Vakhrushev [i dr.] // Trudy instituta sistemnogo programmirovaniya RAN. — 2015. — T. 27. — № 4. — S. 23-34. ISSN 2079-8156. DOI: 10.15514/ISPRAS-2015-27(4)-2
17.
Padaryan V. A. Avtomatizirovannyi metod postroeniya eksploitov dlya uyazvimosti perepolneniya bufera na steke / V. A Padaryan, V. V. Kaushan, A. N. Fedotov // Trudy instituta sistemnogo programmirovaniya RAN. — 2014. — T. 26. — № 6. — S. 127–144. ISSN 2079-8156.
18.
Kozachok A. V., Kochetkov E. V. Obosnovanie vozmozhnosti primeneniya verifikatsii programm dlya obnaruzheniya vredonosnogo koda. // Voprosy kiberbezopasnosti. — 2016. — Byp. 3(16). — S. 25–32. ISSN 2311-3456.
19.
Azymshin I. M. Analiz bezopasnosti programmnogo obespecheniya / I. M. Azymshin, V. O. Chukanov // Bezopasnost' informatsionnykh tekhnologii. — 2014. —№ 1. — S. 45–47. ISSN 2074-7136.
20.
Sosnin Yu. V. Kompleks matematicheskikh modelei optimizatsii konfiguratsii sredstv zashchity informatsii ot nesanktsionirovannogo dostupa / Yu. V. Sosnin, G. V. Kulikov, A. V. Nepomnyashchikh // Programmnye sistemy i vychislitel'nye metody. . — 2015. — № 1. — S. 32–44. ISSN 2305-6061. DOI: 10.7256/2305-6061.2015.1.14124
21.
Melkogranulyarnaya randomizatsiya adresnogo prostranstva programmy pri zapuske / A. R. Nurmukhametov [i dr.] // Trudy instituta sistemnogo programmirovaniya RAN. — 2014. — T. 29. — № 6. — S. 163–182. — ISSN 2079-8156.