| In contemporary China, the rapid development of the Internet and information technology has changed people’s life style, and become an important new growth point in economic development.Various industries are actively embracing the Internet to achieve the combination with the industry and the Internet. However, behind the surface of prosperity, more and more software security problems have been exposed within the industry.This phenomenon proves the existence of opportunities and risks at the same time. A variety of important data have become the target of criminals and how to solve the problem of software security take the attention of the whole society.On software security issues, in addition to strangle malicious action from the source to the manufacturers, the existence of software reverse engineer is also a protection for software security. Software reverse engineer analysis assembly code to obtain the software operating mechanism and the function, thereby reproducing the whole work-flow of the software. However, the software reverse engineering is tedious, long working period and difficult to use the existing results of the work. Therefore, the software security is an extremely important and difficult issues under the field of information security.This paper develops the binary code matching and analysis system to address the high repeatability of the software reverse engineering. By function matching on function layer, minimize the repetitive tasks and ultimately achieve the similarity between software.This paper introduce the system on two specific perspective.On the point of system implementation, we developed a MVC model based Web application. The application using Python-based Django framework and background database using MongoDB.The system modules include user login and registration module, user rights management module, work-space management module, software management module, data processing module, feature extraction modules, software and function matchingmodule. These modules work together. Users can use the system upload target software and extract function feature. By this way we reduce the workload of the duplicate reverse work. On the point of innovative approach,we referenced the existing function matching method and advanced a certain degree of innovation. In the feature extraction module, for each function we extract function features,including the function static characteristic, the function CFG features characteristic, the function strings characteristic, the function calls characteristic and the function prototype features.a total of 13 top-five relationship feature items, which includes 13 features various methods have been characterized by consolidation, as well as the method of outstanding new several new features, feature extraction function is one of the highlights of the collection process. Matching function in the software module, when matching different software functions, using a double-feature based on the relationship between function calls packet matching algorithm, the algorithm is another highlight of this method lies.Firstly, the experimental test parameters tuning the angle of a pretreatment on the feature set, and proved the effectiveness of the systems approach and from the point of view of practical application of two different evolutionary analysis software has been upgraded, the final test the results showed that the availability and effectiveness of the system.Finally upgrade from matching algorithm optimization and upgrading of system functions both for the future development of the system has made reasonable planning. |
PDF Full Text Request