Automated Identification of Cryptographic Primitives in Binary Programs

机译：在二进制程序中自动识别密码基元

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Identifying that a given binary program implements a specific cryptographic algorithm and finding out more information about the cryptographic code is an important problem. Proprietary programs and especially malicious software (so called malware) often use cryptography and we want to learn more about the context, e.g., which algorithms and keys are used by the program. This helps an analyst to quickly understand what a given binary program does and eases analysis. In this paper, we present several methods to identify cryptographic primitives (e.g., entire algorithms or only keys) within a given binary program in an automated way. We perform fine-grained dynamic binary analysis and use the collected information as input for several heuristics that characterize specific, unique aspects of cryptographic code. Our evaluation shows that these methods improve the state-of-the-art approaches in this area and that we can successfully extract cryptographic keys from a given malware binary.

机译：识别给定的二进制程序实现了特定的加密算法并找出有关加密代码的更多信息是一个重要的问题。专有程序，特别是恶意软件（所谓的恶意软件）通常使用加密技术，我们希望了解更多有关上下文的信息，例如，程序使用了哪些算法和密钥。这有助于分析人员快速了解给定二进制程序的功能并简化分析。在本文中，我们介绍了几种以自动方式在给定的二进制程序中识别密码原语（例如整个算法或仅密钥）的方法。我们执行细粒度的动态二进制分析，并将收集到的信息用作几种启发式方法的输入，这些启发式方法表征了加密代码的特定，独特方面。我们的评估表明，这些方法改进了该领域的最新技术，并且我们可以成功地从给定的恶意软件二进制文件中提取加密密钥。

著录项

来源
《Recent advances in intrusion detection》|2011年|p.41-60|共20页
会议地点 Menlo Park CA(US);Menlo Park CA(US)
作者
Felix Groebert; Carsten Willems; Thorsten Holz;
展开▼
作者单位

Horst Goertz Institute for IT-Security, Ruhr-University Bochum;

Laboratory for Dependable Distributed Systems, University of Mannheim;

Horst Goertz Institute for IT-Security, Ruhr-University Bochum;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类安全保密;
关键词
binary analysis; malware analysis; cryptography;

机译：二元分析恶意软件分析；密码学;

相似文献

外文文献
中文文献
专利

1. Verifying Arithmetic Assembly Programs in Cryptographic Primitives (Invited Talk) [J] . Andy Polyakov, Ming-Hsien Tsai, Bow-Yaw Wang, LIPIcs : Leibniz International Proceedings in Informatics . 2018,第2期

机译：验证密码基元中的算术汇编程序（应邀演讲）
2. Automated mapping of large binary objects using primitive fragment type classification [J] . Gregory Conti, Sergey Bratus, Anna Shubina, Digital investigation . 2010,第aug期

机译：使用原始片段类型分类自动映射大型二进制对象
3. Automated Repair of Binary and Assembly Programs for Cooperating Embedded Devices [J] . Eric Schulte, Jonathan DiLorenzo, Westley Weimer, Computer architecture news . 2013,第1期

机译：自动修复二进制程序和汇编程序，以配合嵌入式设备
4. Automated Identification of Cryptographic Primitives in Binary Programs [C] . Felix Groebert, Carsten Willems, Thorsten Holz International symposium on recent advances in intrusion detection . 2011

机译：二进制程序中的加密原语的自动识别
5. Theoretical and Practical Efficiency of Cryptographic Primitives [D] . Ames, Scott Knibbe. 2020

机译：加密原语的理论与实用效率
6. Early identification of hERG liability in drug discovery programs by automated patch clamp [O] . Timm Danker, Clemens Möller 2014

机译：通过自动膜片钳早期发现药物发现计划中的hERG责任
7. Automated Identification of Cryptographic Primitives in Binary Programs [O] . Carsten Willems, Thorsten Holz 2011

机译：二进制程序中加密基元的自动识别

Automated Identification of Cryptographic Primitives in Binary Programs

摘要

著录项

相似文献

相关主题

期刊订阅