An Object Code Reverse Engineering Method Based on Program Evolution Model

A program model and object code technology, applied in the field of object code reverse engineering based on program evolution model, can solve problems such as inability to construct reverse model correctly

Active Publication Date: 2019-02-12
EAST CHINA NORMAL UNIV
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, with the development of compiling, protection and obfuscation technologies, and the introduction of some specific compiling and optimization technologies, traditional reverse engineering methods have been unable to construct reverse models correctly.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An Object Code Reverse Engineering Method Based on Program Evolution Model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

[0028] According to the embodiment of the present invention, as attached figure 1 As shown, a method of object code reverse engineering based on a program evolution model is disclosed, the program evolution model is based on the evolution of a program model to carry out reverse engineering, and the method includes the following steps:

[0029] Step A: start the human-computer interaction interface, respectively input the object cod...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a program evolution model-based target code reverse engineering method. A package format of a target code file can be automatically identified; code segments of the target code file are distinguished; analysis is performed by using a disassembling technology and a corresponding program model is generated; analysis is performed again based on the previous program model and a new program model is generated; and the processes are continuously repeated and gradually refined to finally generate a .ASM file capable of being assembled again. With the adoption of the method, the self-confused target code file with instruction overlapping can be subjected to accurate and effective reverse engineering; and the method can be applied to the analysis and identification of shelled malicious software with self-confusion instructions, instruction overlapping and the like as well as the analysis of anti-disassembling closed source software.

Description

technical field [0001] The invention relates to the field of data processing, in particular to an object code reverse engineering method based on a program evolution model. Background technique [0002] With the increase of software complexity, reverse engineering has attracted more and more attention, and has become a new branch in the field of software engineering. The purpose of using object code reverse engineering technology is to start directly from the compiled or specially processed final object program without source code, and apply various technical means to restore the semantic information of program behavior, thereby helping to understand the principle of the program. Analyzing malware, vulnerabilities of closed source software, interoperability of closed source software, consistency of target program with source program, verifying compiler performance and accuracy, and displaying assembly instructions during debugging are all target code reverse engineering tech...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F8/74
CPCG06F8/74
Inventor 史建琦熊家文黄滟鸿何积丰李昂方徽星
Owner EAST CHINA NORMAL UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products