Binary code tracing method for multi-granularity information fusion under software gene perspective

A binary code traceability technique using multi-granularity information, applied in the field of network security, that addresses problems such as the difficulty of obtaining source code and the loss of binary code semantic information, with the effect of improving traceability accuracy.

Active Publication Date: 2021-10-22
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU

AI Technical Summary

Problems solved by technology

[0005] This invention addresses the problem that source code is difficult to obtain when analysing malicious code and that existing binary code traceability methods lose binary code semantic information, and proposes a binary code traceability method for multi-granularity information fusion from the perspective of software genes.

Examples


Embodiment Construction

[0038] The present invention is further explained below in conjunction with the accompanying drawings and specific embodiments:

[0039] As shown in Figure 1, a binary code traceability method for multi-granularity information fusion from the perspective of software genes includes:

[0040] Step 1: Extract the software gene sequence, software gene, and software gene map of the target program, together with common information directly extractable from IDA, into the sqlite database;

[0041] Further, the commonly used information directly extractable from IDA includes: normal instruction sequences, basic blocks, and information of control flow graphs and program call graphs extracted by IDA.

[0042] Specifically, the software gene sequence is defined as follows:

[0043] For a binary executable $F$, $P$ is the set of all instructions in $F$, $s_i$ is a series of factors that affect the control flow of the program, and $\mathrm{Exec}(s_i)$ is, under factor $s_i$, a set of instruction sequences that have been execu...


Abstract

The invention belongs to the technical field of network security, and discloses a binary code tracing method for multi-granularity information fusion under a software gene perspective, which comprises the following steps of: 1, extracting a software gene sequence, a software gene and a software gene map of a target program and common information which can be directly extracted from IDA to an sqlite database; 2, carrying out word embedding on the software gene sequence in the sqlite database, and then carrying out bidirectional GRU model training to obtain a feature vector; 3, performing multi-granularity sequence information fusion based on the feature vector obtained after training in the step 2 and information in the sqlite database to obtain a feature vector containing multi-granularity information, and then performing structured learning through graph convolution; 4, mapping the learned hidden layer space feature vector representation to a sample marking space through a full connection layer to serve as a voting value of judgment, and finally obtaining a classification result. The method has high binary code traceability accuracy.
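An added example (not code from the patent) showing how control flow graph data stored in sqlite in step 1 can feed the graph convolution of step 3 and the voting layer of step 4. The table names, the Kipf-Welling propagation rule, the undirected treatment of CFG edges, mean pooling, and the constructed features and weights (standing in for the bidirectional GRU output and trained parameters) are all assumptions.

```python
import math
import sqlite3

# Hypothetical schema: the page names only "the sqlite database", not its tables.
SCHEMA = """
CREATE TABLE block(id INTEGER PRIMARY KEY, f0 REAL, f1 REAL);
CREATE TABLE cfg_edge(src INTEGER, dst INTEGER);
"""
# Constructed sample: 4 basic blocks (ids 0..3) with 2-d feature vectors standing
# in for the BiGRU output of step 2, plus the control flow edges between them.
BLOCKS = [(0, 1.0, 0.0), (1, 0.5, 0.5), (2, 0.0, 1.0), (3, 1.0, 1.0)]
EDGES = [(0, 1), (0, 2), (1, 3), (2, 3)]
# Constructed weights standing in for trained parameters (3 candidate authors).
W_GCN = [[1.0, -1.0], [0.0, 1.0]]
W_FC = [[1.0, 0.0, 0.5], [0.0, 1.0, 0.5]]

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO block VALUES (?,?,?)", BLOCKS)
    db.executemany("INSERT INTO cfg_edge VALUES (?,?)", EDGES)
    return db

def normalized_adjacency(db):
    """A_hat = D^-1/2 (A + I) D^-1/2, with CFG edges treated as undirected."""
    n = db.execute("SELECT COUNT(*) FROM block").fetchone()[0]
    a = [[1.0 if i == j else 0.0 for j in range(n)] for i in range(n)]
    for src, dst in db.execute("SELECT src, dst FROM cfg_edge"):
        a[src][dst] = a[dst][src] = 1.0
    deg = [sum(row) for row in a]
    return [[a[i][j] / math.sqrt(deg[i] * deg[j]) for j in range(n)] for i in range(n)]

def matmul(x, y):
    return [[sum(p * q for p, q in zip(row, col)) for col in zip(*y)] for row in x]

def classify(db, w_gcn=W_GCN, w_fc=W_FC):
    """One graph convolution, mean pooling, then a fully connected voting layer."""
    feats = [list(r) for r in db.execute("SELECT f0, f1 FROM block ORDER BY id")]
    hidden = matmul(matmul(normalized_adjacency(db), feats), w_gcn)
    hidden = [[max(0.0, v) for v in row] for row in hidden]      # ReLU
    pooled = [sum(col) / len(hidden) for col in zip(*hidden)]    # whole-graph vector
    votes = matmul([pooled], w_fc)[0]                            # one vote per author
    return votes, votes.index(max(votes))
```
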

Description

Technical field

[0001] The invention belongs to the technical field of network security, and in particular relates to a binary code traceability method for multi-granularity information fusion from the perspective of software genes.

Background technique

[0002] Binary code traceability refers to identifying the hidden author or team behind a binary through the authorial characteristics of its code, replacing error-prone and time-consuming manual reverse engineering with automated means. "Who is behind the malicious code?" Code traceability is a very important issue in today's security community. By finding the source of malicious code and correlating it with previously known threats, we can better defend against it and develop techniques to counter possible future dangers. The amount of malicious code keeps growing, and the number of modified malicious code samples is increasing dramatically. Malware groups and authors are creating numerous malware variant...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56, G06F8/53, G06F16/28, G06N3/04, G06N3/08, G06K9/62
CPC: G06F21/563, G06F8/53, G06F16/285, G06N3/08, G06N3/044, G06F18/259, G06F18/253
Inventor: 刘福东, 黄一钊, 张春燕, 单征, 桂海仁, 乔猛, 熊其冰, 唐柯, 徐恋秋, 宋智辉
Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU