| 基于消息语义解析的软件网络行为分析 |
| |
| 引用本文: | 吴逸伦,张博锋,赖志权,苏金树.基于消息语义解析的软件网络行为分析[J].计算机应用,2012,32(1):25-29. |
| |
| 作者姓名: | 吴逸伦 张博锋 赖志权 苏金树 |
| |
| 作者单位: | 国防科学技术大学 计算机学院,长沙 410073 |
| |
| 基金项目: | 国家自然科学基金资助项目(60901078);国家863计划项目(2009AA12Z219) |
| |
| 摘 要: | 通过对软件网络行为的研究,提出了通过结合动态分析软件行为技术和网络消息语义解析技术对软件网络行为进行分析的系统模型。系统主要由动态二进制分析模块、消息语义解析模块和网络行为分析模块组成。通过动态二进制分析,利用行为监控和劫持机制,获取软件对于应用程序编程接口(API)函数和系统函数的调用情况;通过动态污点分析,对消息语义进行解析。实验验证表明,软件行为和消息语义解析的结合可以用于分析软件网络行为。
|
| 关 键 词: | 动态二进制分析 动态污点分析 消息语义解析 应用程序编程接口 |
| 收稿时间: | 2011-08-02 |
| 修稿时间: | 2011-09-01 |
Software network behavior analysis based on message semantics analysis |
| |
| WU Yi-lun ZHANG Bo-feng LAI Zhi-quan SU Jin-shu.Software network behavior analysis based on message semantics analysis[J].journal of Computer Applications,2012,32(1):25-29. |
| |
| Authors: | WU Yi-lun ZHANG Bo-feng LAI Zhi-quan SU Jin-shu |
| |
| Affiliation: | College of Computer, National University of Defense Technology, Changsha Hunan 410073, China |
| |
| Abstract: | Through studying software network behavior, a new system model for analyzing the software network behavior based on dynamic binary analysis and message semantics analysis was proposed. The system consisted of dynamic binary analysis module, message semantics analysis module and network behavior analyzer. With the dynamic binary analysis, the Application Programming Interface (API) functions and system functions called by software could be obtained; by using the dynamic taint analysis, the message semantics could be extracted. The experimental results show that, combining the dynamic binary analysis and message semantics extraction can be used for analyzing the software network behavior. |
| |
| Keywords: | dynamic binary analysis dynamic taint analysis message semantics extraction Application Programming Interface (API) |
|
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
