| 基于模糊匹配的专用库函数识别技术 |
| |
| 引用本文: | 吴滨,蒋烈辉,舒辉,方霞.基于模糊匹配的专用库函数识别技术[J].计算机工程,2011,37(16):36-38. |
| |
| 作者姓名: | 吴滨 蒋烈辉 舒辉 方霞 |
| |
| 作者单位: | 1. 解放军信息工程大学信息工程学院,郑州,450002
2. 海军航空工程学院,山东烟台,264001 |
| |
| 摘 要: | 针对传统库函数识别方法无法有效识别专用库函数的问题,提出基于模糊匹配的专用库函数识别技术。在库文件快速识别与鉴定技术(FLIRT)的函数签名机制的基础上做出改进,提取目标文件的有效函数集并利用专用库函数特征库进行模糊匹配,确定需要加载的库签名,加载签名完成精确匹配。实验结果证明,该技术在专用库函数的识别方面效果较好。
|
| 关 键 词: | 专用库函数 库文件快速识别与鉴定技术 模糊匹配 函数签名 有效函数集 |
| 收稿时间: | 2011-01-25 |
Specific Library Function Identification Technology Based on Vague Matching |
| |
| WU Bin,JIANG Lie-hui,SHU Hui,FANG Xia.Specific Library Function Identification Technology Based on Vague Matching[J].Computer Engineering,2011,37(16):36-38. |
| |
| Authors: | WU Bin JIANG Lie-hui SHU Hui FANG Xia |
| |
| Affiliation: | 1.Institute of Information Engineering,PLA Information Engineering University,Zhengzhou 450002,China;2.Navy Aeronautical Engineering Academy,Yantai 264001,China) |
| |
| Abstract: | Aiming at the problem that traditional library function identification technology can not recognize specific library function effectively,this paper proposes a specific library function identification technology based on vague matching.The technique improves the function signature mechanism produced by Fast Library Identification and Recognition Technology(FLIRT),extracts a valid function congregation from the target file and does vague matching using professional library function feature database.Vague matching determines the signature to be loaded,loads the signature and fulfils the accurate matching.Experimental results show that the method does well at specific library function identification. |
| |
| Keywords: | specific library function Fast Library Identification and Recognition Technology(FLIRT) vague matching function signature valid function congregation |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
