{"title":"计算机安全分析,通过反编译和高级调试","authors":"C. Cifuentes, T. Waddington, M. Emmerik","doi":"10.1109/WCRE.2001.957846","DOIUrl":null,"url":null,"abstract":"The extensive use of computers and networks worldwide has raised the awareness of the need for tools and techniques to aid in computer security analysis of binary code, such as the understanding of viruses, trojans, worms, backdoors and general security flaws, in order to provide immediate solutions with or without the aid of software vendors. The paper is a proposal for a high-level debugging tool to be used by computer security experts, which will reduce the amount of time needed to solve security-related problems in executable programs. The current state of the art involves the tracing of thousands of lines of assembly code using a standard debugger. A high-level debugger would be capable of displaying a high-level representation of an executable program in the C language, hence reducing the number of lines that need to be inspected by an order of magnitude (i.e. hundreds instead of thousands of lines). Effectively, these techniques will help in reducing the amount of time needed to trace a security flaw in an executable program, as well as reducing the costs of acquiring or training skilled assembler engineers.","PeriodicalId":150878,"journal":{"name":"Proceedings Eighth Working Conference on Reverse Engineering","volume":"46 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2001-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"22","resultStr":"{\"title\":\"Computer security analysis through decompilation and high-level debugging\",\"authors\":\"C. Cifuentes, T. Waddington, M. Emmerik\",\"doi\":\"10.1109/WCRE.2001.957846\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The extensive use of computers and networks worldwide has raised the awareness of the need for tools and techniques to aid in computer security analysis of binary code, such as the understanding of viruses, trojans, worms, backdoors and general security flaws, in order to provide immediate solutions with or without the aid of software vendors. The paper is a proposal for a high-level debugging tool to be used by computer security experts, which will reduce the amount of time needed to solve security-related problems in executable programs. The current state of the art involves the tracing of thousands of lines of assembly code using a standard debugger. A high-level debugger would be capable of displaying a high-level representation of an executable program in the C language, hence reducing the number of lines that need to be inspected by an order of magnitude (i.e. hundreds instead of thousands of lines). Effectively, these techniques will help in reducing the amount of time needed to trace a security flaw in an executable program, as well as reducing the costs of acquiring or training skilled assembler engineers.\",\"PeriodicalId\":150878,\"journal\":{\"name\":\"Proceedings Eighth Working Conference on Reverse Engineering\",\"volume\":\"46 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2001-10-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"22\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings Eighth Working Conference on Reverse Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WCRE.2001.957846\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings Eighth Working Conference on Reverse Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WCRE.2001.957846","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Computer security analysis through decompilation and high-level debugging
The extensive use of computers and networks worldwide has raised the awareness of the need for tools and techniques to aid in computer security analysis of binary code, such as the understanding of viruses, trojans, worms, backdoors and general security flaws, in order to provide immediate solutions with or without the aid of software vendors. The paper is a proposal for a high-level debugging tool to be used by computer security experts, which will reduce the amount of time needed to solve security-related problems in executable programs. The current state of the art involves the tracing of thousands of lines of assembly code using a standard debugger. A high-level debugger would be capable of displaying a high-level representation of an executable program in the C language, hence reducing the number of lines that need to be inspected by an order of magnitude (i.e. hundreds instead of thousands of lines). Effectively, these techniques will help in reducing the amount of time needed to trace a security flaw in an executable program, as well as reducing the costs of acquiring or training skilled assembler engineers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
