Abstract
Static data-flow analysis of a binary program first translates the disassembly of the program under analysis into a data-flow description notation and determines the reaching-definition IN and OUT sets of each basic block. Combined with the program's control flow graph, these sets yield the intra-procedural system of data-flow equations; solving the equations iteratively derives the relation between a function's inputs and its outputs, so that the function's behaviour can be understood statically. Experiments show that, without any additional hints, the method accurately identifies string copy functions in binary form.
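As an added illustration of the pipeline the abstract describes (this is not the paper's own code or notation): a strcpy-like loop is written by hand in a small three-address IR standing in for the data-flow description lowered from a disassembly, reaching-definition IN/OUT sets are solved iteratively over its control flow graph, and the use-to-definition chains are then sliced backwards from the store into the destination buffer to find which function inputs that store depends on. The block and variable names, the mnemonics, the one-location-per-base-pointer memory abstraction and the copy heuristic are all assumptions made for this example; a memset-like loop is included as a constructed counter-example.

```python
"""Reaching definitions over a basic-block IR, then an input/output slice.

Added example, not code from the paper.  The IR, block and variable names and
both programs are constructed here; memory is abstracted to one location per
base pointer ("mem[src]", "mem[dst]").
"""
from collections import defaultdict

# Instruction = (defined variable or None, mnemonic, used variables).
# A variable used but never defined in the function is a function input.
PROGRAM = {                                                   # strcpy-like loop
    "entry": [("dst", "mov", ["arg0"]), ("src", "mov", ["arg1"]), ("i", "xor", [])],
    "cond":  [("c", "load", ["mem[src]", "src", "i"])],       # c = src[i]
    "body":  [("mem[dst]", "store", ["dst", "i", "c"]),       # dst[i] = c
              ("i", "inc", ["i"])],                           # i += 1
    "exit":  [("ret", "mov", ["dst"])],
}
EDGES = {"entry": ["cond"], "cond": ["body", "exit"], "body": ["cond"], "exit": []}

FILL_PROGRAM = {                                              # memset-like loop
    "entry": [("dst", "mov", ["arg0"]), ("c", "mov", ["arg1"]), ("i", "xor", [])],
    "cond":  [],
    "body":  [("mem[dst]", "store", ["dst", "i", "c"]), ("i", "inc", ["i"])],
    "exit":  [("ret", "mov", ["dst"])],
}


def reaching_definitions(program, edges):
    """Iterate IN[B] = U OUT[P], OUT[B] = gen[B] | (IN[B] - kill[B]) to a fixpoint.
    A definition is identified by (block, instruction index)."""
    defs_of, gen, kill = defaultdict(set), {}, {}
    for b, insns in program.items():
        for k, (d, _, _) in enumerate(insns):
            if d:
                defs_of[d].add((b, k))
    for b, insns in program.items():
        last = {}                       # last definition of each variable in B
        for k, (d, _, _) in enumerate(insns):
            if d:
                last[d] = (b, k)
        gen[b] = set(last.values())
        kill[b] = {x for v in last for x in defs_of[v]} - gen[b]
    preds = defaultdict(list)
    for s, ts in edges.items():
        for t in ts:
            preds[t].append(s)
    IN = {b: set() for b in program}
    OUT = {b: set() for b in program}
    changed = True
    while changed:
        changed = False
        for b in program:
            new_in = set().union(*(OUT[p] for p in preds[b]))
            new_out = gen[b] | (new_in - kill[b])
            if new_in != IN[b] or new_out != OUT[b]:
                IN[b], OUT[b], changed = new_in, new_out, True
    return IN, OUT


def defs_reaching_each_instruction(program, IN):
    """Push the block-entry sets through each block, instruction by instruction."""
    at = {}
    for b, insns in program.items():
        cur = set(IN[b])
        for k, (d, _, _) in enumerate(insns):
            at[(b, k)] = set(cur)
            if d:
                cur = {x for x in cur if program[x[0]][x[1]][0] != d} | {(b, k)}
    return at


def input_dependencies(program, edges, target):
    """Walk use -> reaching-definition chains backwards from `target`.
    Returns (function inputs it depends on, instructions in the slice)."""
    IN, _ = reaching_definitions(program, edges)
    at = defs_reaching_each_instruction(program, IN)
    defined = {d for insns in program.values() for d, _, _ in insns if d}
    inputs, seen, work = set(), set(), [target]
    while work:
        ins = work.pop()
        if ins in seen:
            continue
        seen.add(ins)
        for u in program[ins[0]][ins[1]][2]:
            if u not in defined:
                inputs.add(u)
            else:
                work.extend(x for x in at[ins] if program[x[0]][x[1]][0] == u)
    return inputs, seen


def looks_like_string_copy(program, edges):
    """Copy heuristic (assumed, not the paper's criterion): a store to mem[P]
    writes a value loaded from mem[Q] (Q != P) at the same index, and an
    increment of that index reaches the store, i.e. the loop is carried."""
    IN, _ = reaching_definitions(program, edges)
    at = defs_reaching_each_instruction(program, IN)
    for b, insns in program.items():
        for k, (d, op, uses) in enumerate(insns):
            if op != "store":
                continue
            base, idx, val = uses
            for lb, lk in at[(b, k)]:
                ld, lop, luses = program[lb][lk]
                if ld != val or lop != "load":
                    continue
                lmem, lbase, lidx = luses
                advanced = any(program[x[0]][x[1]] == (idx, "inc", [idx]) for x in at[(b, k)])
                if lidx == idx and lbase != base and lmem != d and advanced:
                    return True
    return False


if __name__ == "__main__":
    deps, _ = input_dependencies(PROGRAM, EDGES, ("body", 0))
    print("store to mem[dst] depends on inputs:", sorted(deps))
    print("copy pattern:", looks_like_string_copy(PROGRAM, EDGES),
          looks_like_string_copy(FILL_PROGRAM, EDGES))
```

The slice is the "relation between function input and output" the abstract refers to: the bytes written to the destination buffer are shown to depend on `arg0` (where they go), `arg1` (where they come from) and the caller's memory at `arg1`, and the loop-carried increment of the index reaching the store is what distinguishes a copy loop from a single-element move.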
Source
Computer Engineering and Applications (《计算机工程与应用》)
CSCD
Peking University Core Journal (北大核心)
2010, No. 23, pp. 64-66, 71 (4 pages)
Keywords
sensitive data flow
disassembly
reaching definitions
program understanding