Virtual executive system and method based on code slice

A virtual execution and code technology, applied in the field of binary program virtual execution system, can solve problems such as low operating efficiency and limited code capability, and achieve high performance

Inactive Publication Date: 2008-04-16
UNIV OF ELECTRONIC SCI & TECH OF CHINA
View PDF0 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, they are often implemented based on a complete simulation of instructions, and the operati

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Virtual executive system and method based on code slice
  • Virtual executive system and method based on code slice

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings.

[0023] Referring to FIG. 1 , the virtual execution system is initialized, which includes the installation and configuration of code slice virtual execution components, disassembly components and dynamic monitoring components. Start the monitored program in debug mode. The binary program may contain user mode code and kernel mode code. The user's input is accepted through the dynamic monitoring component, including the location of the trigger point, the location of the release point, the limit on the number of basic block instructions, and the requirements for combining basic blocks. Set the attribute of the memory page corresponding to the address of the trigger point and the release point to non-existent.

[0024] When the binary program accesses the trigger poi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a dynamic virtual execution system and a method of computer binary system program instruction, wherein, the system consists of a dynamic monitoring part, a disassembling part and a code slicing virtual execution part; the method includes the following steps: a monitored program is started in a debug mode; the dynamic monitoring part is provided with a trigger point and a release point; the trigger point is activated and the demand for control is transferred to the code slicing virtual execution part by the dynamic monitoring part; after the code stream of an object program is obtained, the disassembling part analyzes instructions to create a basic block; the generated basic block is stored in a buffer and virtual execution of each instruction of the basic block is completed after preprocessing; when reaching the release point, the instruction returns to the dynamic monitoring part to restore the normal execution of a binary program. The invention which is suitable for instruction level fine grain analysis during running a binary program supports local area simulation of object code stream; moreover, the invention can realize effective processing of the self mutation/self-checking code under multithread environment as well as various obfuscation codes, thereby having high operating efficiency.

Description

technical field [0001] The invention relates to a binary program virtual execution system and method, in particular to an instruction-level virtual execution environment. The invention is used for dynamic fine-grained automatic analysis of unknown binary programs. Background technique [0002] The dynamic analysis of fine-grained binary programs is a challenging task, which will provide the key information needed to build the core structure and function blueprint of unknown software. The current research on the analysis of unknown binary programs can be roughly divided into two methods: static analysis and dynamic analysis. [0003] Static methods allow for detailed, fine-grained analysis because they are not tied to a particular execution environment. This method allows to analyze the internal structure and function of the binary program without running it, and can ensure that the binary code of the program will never be executed, thereby reducing the runtime burden. In ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/22G06F21/56
Inventor 曹跃梁晓李毅超柴方明舒柏程
Owner UNIV OF ELECTRONIC SCI & TECH OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap