Computer Engineering (计算机工程), 2012, Vol. 38, Issue (1): 68-70, 73, 4. DOI: 10.3969/j.issn.1000-3428.2012.01.018
Code Disassembly Technology Combining Dynamic and Static State
Song Wei (宋威) 1, Zeng Yongjun (曾勇军) 2, Xi Qi (奚琪) 2
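Author information
- 1. China General Technology (Group) Holding Co., Ltd., Beijing 100055
- 2. Institute of Information Engineering, PLA Information Engineering University, Zhengzhou 450002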
Abstract
Disassembly translates binary code into symbolic form and is the foundation of code analysis, code detection and code instrumentation. This paper presents a disassembly technology based on static analysis and dynamic emulation, in order to improve the accuracy and coverage of code disassembly. Building on static disassembly algorithms, a dynamic identification algorithm for basic blocks is constructed using a code emulation environment, and the disassembly is refined by monitoring the execution paths of the code. Test results show that the technology is effective.
Key words
disassembly technology / linear scan / recursive traversal / basic block / QEMU emulator
Classification
Information Technology and Security Science
Cite this article
Song Wei (宋威), Zeng Yongjun (曾勇军), Xi Qi (奚琪). Code Disassembly Technology Combining Dynamic and Static State [J]. Computer Engineering, 2012, 38(1): 68-70, 73, 4.