Detection Techniques for ELF Executable File Using Assembly Instruction Searching

机译：使用汇编指令搜索的ELF可执行文件检测技术

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

As the frequency of computer crime is increasing, computer forensics became the center of interest in information security. A region of computer forensics is to restore the deleted information, to detect the hidden information, and to find out the meaning of the information. However, the result of present research restoring binary data and analyzing the meaning of the information is not covered by forensics investigation. This is the reason why we suggest some techniques for recovering original data and figuring out whether it is a fragment of executable file. Suggested detection method is based on the structure of ELF file consisting of a header and a lot of assembly operation codes. If the ratio of detected assembly instructions to size of a file fragment is over than fixed value (threshold), then we decide that the fragment is one section of executable file.

机译：随着计算机犯罪频率的增加，计算机取证成为信息安全的关注中心。计算机取证的一个领域是恢复已删除的信息，检测隐藏的信息并找出信息的含义。然而，目前的研究结果是恢复二进制数据并分析信息的含义并没有包括在法医调查中。这就是为什么我们建议使用一些技术来恢复原始数据并弄清它是否是可执行文件的片段的原因。建议的检测方法基于ELF文件的结构，该文件由标题和大量汇编操作代码组成。如果检测到的汇编指令与文件片段大小的比率大于固定值（阈值），则我们认为该片段是可执行文件的一部分。

著录项

来源
《International Conference on Computational Science and Its Applications(ICCSA 2004) pt.1; 20040514-20040517; Assisi; IT》|2004年|P.230-237|共8页
会议地点 Assisi(IT);Assisi(IT)
作者
Jun-Hyung Park; Min-soo Kim; Bong-Nam Noh;
展开▼
作者单位

Interdisciplinary Program of Information Security, Chonnam National University, Korea;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类理论、方法;
关键词
ELF file; assembly instruction; computer forensics; file fragment;

机译：ELF文件;汇编指令;计算机取证;文件片段;

相似文献

外文文献
中文文献
专利

1. Self-assembly and hydrothermal technique syntheized Fe2O3-RGO nanocomposite: The enhancement effect of electrochemical simultaneous detection of honokiol and magnolol [J] . Hu Weibing, Zhang Wen, Wu Yan, Journal of electroceramics . 2018,第1期

机译：自组装和水热技术合成Fe2O3-rgo纳米复合材料：电化学同时检测Honokiol和Magnolol的增强效果
2. Label-Free Detection of DNA Hybridization Using a Reflective Microfiber Bragg Grating Biosensor With Self-Assembly Technique [J] . Dandan Sun, Tuan Guo, Bai-Ou Guan Journal of Lightwave Technology . 2017,第16期

机译：使用自组装技术的反射超细纤维布拉格光栅生物传感器对DNA杂交进行无标记检测。
3. Fabrication of transparent SERS platform via interface self-assembly of gold nanorods and gel trapping technique for on-site real time detection [J] . Lin Xiang, Hasi Wu-Li-Ji, Han Si-Qin-Gao-Wa, Physical chemistry chemical physics: PCCP . 2015,第46期

机译：通过金纳米棒的界面自组装和凝胶捕获技术制备透明的SERS平台，用于现场实时检测
4. Detection Techniques for ELF Executable File Using Assembly Instruction Searching [C] . Jun-Hyung Park, Min-soo Kim, Bong-Nam Noh International Conference on Computational Science and its Applications . 2004

机译：使用汇编指令搜索的ELF可执行文件检测技术
5. Automatic detection of software security vulnerabilities in executable program files. [D] . Tevis, Jay-Evan J. 2005

机译：自动检测可执行程序文件中的软件安全漏洞。
6. An improved extraction technique of executable file from physical memory by analyzing file object [O] . Youngbok Kang, Hyunuk Hwang, Kibom Kim, 2014

机译：通过分析文件对象改进了物理内存中可执行文件的改进的提取技术

Detection Techniques for ELF Executable File Using Assembly Instruction Searching

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅