基于高级码链的可执行二进制文件密码算法自动检测

2019 International Conference on Green and Human Information Technology (ICGHIT) Pub Date : 2019-01-01 DOI:10.1109/ICGHIT.2019.00031

Hanseong Lee, Hyung-Woo Lee

{"title":"基于高级码链的可执行二进制文件密码算法自动检测","authors":"Hanseong Lee, Hyung-Woo Lee","doi":"10.1109/ICGHIT.2019.00031","DOIUrl":null,"url":null,"abstract":"Executable binary files can be developed using cryptographic modules using open libraries such as OpenSSL and Crypto++ in Windows environments. To determine the embedded encryption algorithms and detect cryptographic modules used in binary files, a high degree of knowledge on internal structure is required in de-assembling and analyzing. And the reverse engineering process on executable binary file is very difficult. Therefore, we developed an automatic detection tool that can automatically detect the cryptographic algorithm to efficiently analyze cryptographic algorithms as a form of IDA plug-in module. This tool can be used to detect and track cryptographic algorithms used in arbitrary executables on Windows OS system.","PeriodicalId":160708,"journal":{"name":"2019 International Conference on Green and Human Information Technology (ICGHIT)","volume":"47 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Automatic Detection of Cryptographic Algorithms in Executable Binary Files using Advanced Code Chain\",\"authors\":\"Hanseong Lee, Hyung-Woo Lee\",\"doi\":\"10.1109/ICGHIT.2019.00031\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Executable binary files can be developed using cryptographic modules using open libraries such as OpenSSL and Crypto++ in Windows environments. To determine the embedded encryption algorithms and detect cryptographic modules used in binary files, a high degree of knowledge on internal structure is required in de-assembling and analyzing. And the reverse engineering process on executable binary file is very difficult. Therefore, we developed an automatic detection tool that can automatically detect the cryptographic algorithm to efficiently analyze cryptographic algorithms as a form of IDA plug-in module. This tool can be used to detect and track cryptographic algorithms used in arbitrary executables on Windows OS system.\",\"PeriodicalId\":160708,\"journal\":{\"name\":\"2019 International Conference on Green and Human Information Technology (ICGHIT)\",\"volume\":\"47 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 International Conference on Green and Human Information Technology (ICGHIT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICGHIT.2019.00031\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 International Conference on Green and Human Information Technology (ICGHIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICGHIT.2019.00031","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

可执行二进制文件可以在Windows环境中使用OpenSSL和Crypto++等开放库使用加密模块开发。为了确定嵌入式加密算法和检测二进制文件中使用的加密模块，在拆解和分析二进制文件时需要对内部结构有很高的了解。而对可执行二进制文件进行逆向工程是非常困难的。因此，我们开发了一种自动检测工具，可以自动检测加密算法，以一种IDA插件模块的形式有效地分析加密算法。此工具可用于检测和跟踪Windows操作系统上任意可执行文件中使用的加密算法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Automatic Detection of Cryptographic Algorithms in Executable Binary Files using Advanced Code Chain

Executable binary files can be developed using cryptographic modules using open libraries such as OpenSSL and Crypto++ in Windows environments. To determine the embedded encryption algorithms and detect cryptographic modules used in binary files, a high degree of knowledge on internal structure is required in de-assembling and analyzing. And the reverse engineering process on executable binary file is very difficult. Therefore, we developed an automatic detection tool that can automatically detect the cryptographic algorithm to efficiently analyze cryptographic algorithms as a form of IDA plug-in module. This tool can be used to detect and track cryptographic algorithms used in arbitrary executables on Windows OS system.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 International Conference on Green and Human Information Technology (ICGHIT)

自引率

0.00%

发文量