摘要: 在可执行代码中识别密码算法对于查找恶意代码、保护计算机系统安全有着重要的意义。该文在对汇编级密码算法特征分析的基础上,提出了汇编级密码算法特征度量元的概念,并采用七维特征向量对其进行形式化描述,建立基于Bayes决策的密码算法识别模型,测试结果表明该模型稳定、准确,能够高效地定位代码中的密码算法。
关键词:
算法识别,
程序理解,
决策模型,
特征度量元
Abstract: Recognizing cryptogram algorithm from executable codes plays an important significance in checking malicious codes and protecting computer system. This paper brings forward the concept of assemble cryptogram algorithm characteristic-measurement based on analyzing a lot of assemble cryptogram algorithms, and using seven-dimension characteristic vector to describe it, then constructs a cryptogram algorithm recognition model based on Bayes decision-making. The testing shows that this model is scalable and exact.
Key words:
algorithm recognition,
program understanding,
decision-making model,
haracteristic-measurement
中图分类号:
李继中;蒋烈辉;尹 青;刘铁铭;郭 佳. 基于Bayes决策的密码算法识别技术[J]. 计算机工程, 2008, 34(20): 159-160.
LI Ji-zhong; JIANG Lie-hui; YIN Qing; LIU Tie-ming; GUO Jia. Cryptogram Algorithm Recognition Technology Based on Bayes Decision-making[J]. Computer Engineering, 2008, 34(20): 159-160.