
Methods and systems for an integrated disassembler with a function-queue manager and a disassembly interrupter for rapid, efficient, and scalable code gene extraction and analysis

Active Publication Date: 2021-07-01
INTEZER LABS LTD

AI Technical Summary

Benefits of technology

The present invention provides a method for quickly and efficiently extracting code genes from binary code. The invention includes an integrated disassembler that separates functions from a file and a code-matching analysis program that can analyze gene information as it is detected. This saves time and resources and allows for scalability, making it easier to process bulk files. Overall, the invention streamlines the process of disassembly and gene analysis, improving the ability to analyze binary files for malicious and trusted genes.

Problems solved by technology

Even as security professionals rest, attackers are hard at work.
However, one is limited to only the code fragments that are known in advance.
A series of code fragments in an unknown file would require full disassembly before inspection of any one of the code fragments extracted, making such undertakings tediously manual and lacking scalability.
Given that there can be a very large number of such functions in a binary file, when code matching of genes is the goal, such disassemblers are slow, clumsy, and inefficient in processing a file, requiring manual entry and consuming valuable processing time.
This saves substantial time in the overall detection and analysis of shared code genes.



Examples


Embodiment Construction

[0039] The present invention relates to methods and systems for an integrated disassembler with a function-queue manager and a disassembly interrupter for rapid, efficient, and scalable code gene extraction and analysis. The principles and operation for providing such methods and systems, according to the present invention, may be better understood with reference to the accompanying description and the drawings.

[0040] Referring to the drawings, FIG. 1 is a simplified flowchart of the major process steps for an integrated disassembler with a function-queue manager for code gene extraction and analysis, according to embodiments of the present invention. The process starts with activation of the disassembly process upon accessing a target binary file and finding the entry points (Step 2). The binary file is then disassembled into assembly code by finding instructions such as function calls or starts of loops (Step 4). Individually identified code fragments are extracted from the assembly...


Abstract

The present invention discloses methods and systems for an integrated disassembler with a function-queue manager and a disassembly interrupter for rapid, efficient, and scalable code gene extraction and analysis. Methods include the steps of: upon receiving a target binary file, disassembling the target binary file into assembly code; extracting code fragments from the assembly code; as each code fragment is extracted, verifying each code fragment; upon availability, placing each verified code fragment in an extractor queue; and upon availability, submitting each code fragment in the extractor queue to a gene-analysis system having a code genome database. Alternatively, upon determining the extractor queue is empty or determining resources of the gene-analysis system are underutilized, transferring partially-verified code fragments to the extractor queue. Alternatively, upon receiving gene information regarding the target binary file from the gene-analysis system during disassembly, determining whether to terminate the step of disassembling based on the gene information.
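The flow described in the abstract, as an added sketch that is not code from the patent or from Intezer: a queue manager that gives verified fragments priority, promotes partially verified ones only when the extractor queue is empty, and an interrupter that stops disassembly once gene matches are conclusive. All names (`gene`, `GENOME_DB`, `analyze`, `burst`, `malicious_threshold`) are hypothetical, and the "fragments" are constructed strings standing in for real disassembler output.

```python
import hashlib
from collections import deque
from itertools import islice

def gene(fragment: bytes) -> str:
    """Hypothetical gene: SHA-256 of the fragment (a real system would normalize first)."""
    return hashlib.sha256(fragment).hexdigest()

# Constructed code genome database: gene -> (classification, origin).
GENOME_DB = {
    gene(b"call decrypt_cfg; ret"): ("malicious", "FamilyA"),
    gene(b"xor eax, eax; call beacon"): ("malicious", "FamilyA"),
    gene(b"call memcpy; ret"): ("trusted", "libc"),
}

def analyze(functions, burst=2, malicious_threshold=2):
    """functions: iterable of (fragment, fully_verified), consumed lazily so that
    returning early models interrupting the disassembler."""
    stream = iter(functions)
    extractor_queue, partial = deque(), deque()
    stats = {"disassembled": 0, "submitted": 0}
    hits, done = [], False
    while not done or extractor_queue or partial:
        batch = list(islice(stream, burst))      # disassembler output this tick
        done = not batch
        stats["disassembled"] += len(batch)
        for frag, verified in batch:
            (extractor_queue if verified else partial).append(frag)
        # Queue manager: promote a partially verified fragment only when
        # no verified fragment is waiting.
        if not extractor_queue and partial:
            extractor_queue.append(partial.popleft())
        if extractor_queue:                      # analysis takes one per tick
            stats["submitted"] += 1
            match = GENOME_DB.get(gene(extractor_queue.popleft()))
            if match:
                hits.append(match)
        # Interrupter: stop disassembling once the gene information is conclusive.
        if sum(cls == "malicious" for cls, _ in hits) >= malicious_threshold:
            return {"verdict": "malicious", "hits": hits, **stats}
    return {"verdict": "inconclusive", "hits": hits, **stats}

# Constructed sample: eight "functions", two of them known-malicious genes.
SAMPLE = [(b"call memcpy; ret", False), (b"call decrypt_cfg; ret", True),
          (b"xor eax, eax; call beacon", True), (b"nop; ret", True)] + \
         [(b"filler %d" % i, True) for i in range(4)]

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

On the constructed sample the run stops after four of eight functions are disassembled and two are submitted; the partially verified fragment is never sent because verified work was always waiting.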

Description

FIELD AND BACKGROUND OF THE INVENTION

[0001] The present invention relates to methods and systems for an integrated disassembler with a function-queue manager and a disassembly interrupter for rapid, efficient, and scalable code gene extraction and analysis.

[0002] Despite the rapid pace of technology in general, few industries today are as dynamic as that of cyber security. Attackers' techniques are constantly evolving, and along with them, the potential threat.

[0003] For security teams, the challenge remains not to keep up, but rather, to outpace them. It is a persistent struggle: a never-ending, record-setting marathon at a constant sprint. Even as security professionals rest, attackers are hard at work. The tools and approaches used must also adapt in order to stay a step ahead in defending their organizations. Malware classification, which encompasses both the identification and attribution of code, has the power to unlock many clues that aid security teams in achieving this.

[0004] W...


Application Information

IPC(8): G16B20/00, G16B50/00, G06F8/53
CPC: G16B20/00, G06F8/53, G16B50/00, G06F21/563, G06F21/56, G06F21/564
Inventor: TEVET, ITAI; HALEVI, ROY; ABRAHAMY, JONATHAN; EITAN, ARI; TUFIK, DAVID; ROSENBERG, JAY
Owner INTEZER LABS LTD