摘要： Cisco IOS无法进行动态调试分析，难以截获通信过程的系统异常。为此，提出一种Cisco IOS通信过程分析方法。构建路由器硬件抽象层虚拟机，设计虚拟化动态分析平台，给出关键指令流与通信特征的提取方法，对多指令集架构、多版本的Cisco IOS进行加载实验。实验结果表明，该方法可以有效截获指定通信处理过程。

关键词: 虚拟化, 动态分析, 通信过程, 关键指令流, 有限自动机

Abstract: Cisco IOS processes can not be dynamically analyzed, and it is difficult to intercept system abnormalities of communication process. A method based on virtualaization is proposed to analyze Cisco IOS communication process. Hardware abstraction layer virtual machine is constructed, and a dynamic analysis platform based on virtualization is designed for IOS. This paper introduces methods for extracting key instruction stream and communication features. The multiple instruction set architecture and multiple versions of Cisco IOS is proved. Experimental results show that this method can effectively intercept the designated communication process.

Key words: virtualization, dynamic analysis, communication process, key instruction stream, finite automata

中图分类号: 

• TP311