The library function recognition algorithm of PE file disassembler research and implementation

机译：PE文件反汇编程序的库函数识别算法研究与实现

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

In order to solve the problem of static library function recognition of Windows PE (Portable Execute) in the field of software reverse engineering, a new extraction algorithm based on the library function signature is presented. The algorithm extracts the library function signature of lib suffix to the files, then the disassembler identifies the functions with the library function signature and return the address and the corresponding library function name in the disassembly phase of PE files. The results show that the recognition algorithm is able to efficiently identify the library function address, and library function blocks.

机译：为了解决软件逆向工程领域Windows PE（Portable Execute）静态库功能识别的问题，提出了一种新的基于库功能签名的提取算法。该算法将lib后缀的库函数签名提取到文件中，然后反汇编程序使用库函数签名识别函数，并在PE文件的反汇编阶段返回地址和相应的库函数名称。结果表明，该识别算法能够有效识别库函数地址和库函数块。

著录项

来源
《IT in Medicine and Education (ITME), 2011 International Symposium on》|2011年|p.132-135|共4页
会议地点
作者
Su Qing; Si Si; Wu Wei-ming; Huang Jian-wei; Fan Wei-feng; Li Xiao-feng;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类计算机的应用;
关键词
Portable Execute file; disassembly; feature code; library function identify; obfuscation;

机译：可移植执行文件;反汇编;功能代码;库函数识别;混淆;

相似文献

外文文献
中文文献
专利

1. Exploring Function Call Graph Vectorization and File Statistical Features in Malicious PE File Classification [J] . Zhang Yipin, Chang Xiaolin, Lin Yuzhou, Quality Control, Transactions . 2020,第期

机译：探索函数调用图矢量化和文件统计功能在恶意PE文件分类中
2. SSD Aware File System Page Cache Algorithms Designs and Implementation to Increase Switch Merge and Reduce Full Merge [J] . Arul Selvan Ramasamy, Porkumaran Karantharaj Research journal of applied science, engineering and technology . 2014,第21期

机译：SSD感知文件系统页面缓存算法的设计和实现，以增加交换机合并并减少完全合并
3. SSD Aware File System Page Cache Algorithms Designs and Implementation to Increase Switch Merge and Reduce Full Merge [J] . Arul Selvan Ramasamy, Porkumaran Karantharaj Research journal of applied science, engineering and technology . 2014,第21期

机译：SSD感知文件系统页面缓存算法的设计和实现，以增加交换机合并并减少完全合并
4. The library function recognition algorithm of PE file disassembler research and implementation [C] . Su Qing, Si Si, Wu Wei-ming, IEEE International Symposium on IT in Medicine and Education . 2011

机译：PE文件反汇编程序研究与实现的库函数识别算法
5. A novel algorithm for neural network implementation of Boolean functions and its application to character recognition [D] . Hussain, Basit. 1991

机译：布尔函数神经网络实现的新算法及其在字符识别中的应用
6. Sign Language Recognition Using Wearable Electronics: Implementing k-Nearest Neighbors with Dynamic Time Warping and Convolutional Neural Network Algorithms [O] . Giovanni Saggio, Pietro Cavallo, Mariachiara Ricci, 2020

机译：使用可穿戴电子产品的手语识别：实现K-Cirseld邻居具有动态时间翘曲和卷积神经网络算法
7. Library for advanced functions in algorithms, data structures and AI implemented in C/C++ - Olib [O] . Wszeborowska A., Swierczewski L., Świerczewski Ł. 2012

机译：在C / C ++中实现的算法，数据结构和AI高级功能库-Olib
8. KAOS/LIB-V: A Library of Nuclear Response Functions Generated by KAOS-V Code from ENDF/B-V and Other Data Files. [R] . Farawila, Y., Gohar, Y., Maynard, C. 1989

机译：KaOs / LIB-V：来自ENDF / B-V和其他数据文件的KaOs-V代码生成的核响应函数库。

The library function recognition algorithm of PE file disassembler research and implementation

摘要

著录项

相似文献

相关主题

期刊订阅