摘要： 在可执行代码中识别密码算法对于查找恶意代码、保护计算机系统安全有着重要的意义。该文在对汇编级密码算法特征分析的基础上，提出了汇编级密码算法特征度量元的概念，并采用七维特征向量对其进行形式化描述，建立基于Bayes决策的密码算法识别模型，测试结果表明该模型稳定、准确，能够高效地定位代码中的密码算法。

关键词: 算法识别, 程序理解, 决策模型, 特征度量元

Abstract: Recognizing cryptogram algorithm from executable codes plays an important significance in checking malicious codes and protecting computer system. This paper brings forward the concept of assemble cryptogram algorithm characteristic-measurement based on analyzing a lot of assemble cryptogram algorithms, and using seven-dimension characteristic vector to describe it, then constructs a cryptogram algorithm recognition model based on Bayes decision-making. The testing shows that this model is scalable and exact.

Key words: algorithm recognition, program understanding, decision-making model, haracteristic-measurement

中图分类号: 

• TP301.6