Research On Detection Of Binary Encryption Algorithm Based On Deep Learning Graph Embedded Network

Accurate identifying the binary encryption algorithm in the executable file is of great significance to software protection,malicious code detection,and password compliance detection.China has strict standards for the use of encryption algorithms,but existing detection methods such as low efficiency,High false alarm rate,difficult to complete detection and other defects.In order to solve these existing defects,binary encryption detection is made faster and more effective.This thesis proposes a similarity detection method for binary encryption algorithms based on deep learning graph embedded networks,which uses the graph structure to simultaneously display the structural information and semantic information of the binary algorithm,reflecting as many features of the encryption algorithm as possible,making model recognition more Effective and accurate.This thesis studies the following aspects:(1)This thesis studies the binary characteristics of encryption algorithms,and aims to analyze the structural and semantic characteristics that best represent the characteristics of the algorithm;through the special structure of different encryption algorithms,such as the instruction ratio,the operation code operand law,S box,etc.The integration of large integer applications and other information finally completes the expression of unique identification characteristics for encryption algorithms.(2)Relying on the expression structure of the encryption algorithm features that have been obtained,this thesis further builds an "encryption algorithm graph",integrates the extracted binary encryption algorithm structural features and semantic features,uses the flowchart as a carrier,and uses each basic block as a node,Give the statistical characteristics of the basic blocks to their respective no DES to form an initial structural feature map,and retain the characteristics of the binary encryption algorithm to the maximum extent.(3)In order to make up for the shortcomings of traditional deep learning for the feature learning of encryption algorithms,this thesis builds a convolutional neural network based on graph structure.By embedding the "encryption algorithm graph" in the neural network,the accurate conversion from "graph structure" to " Vector structure ".This simplifies theproblem,making it possible to judge the type of encryption algorithm by comparing the distance between encryption algorithm vectors.(4)In order to verify the effectiveness of the algorithm,this thesis DESigns the prototype system EDS(Encryption function graph Distinguish System).Select multiple open source encryption libraries and actual applications as test cases,and conduct comparative experiments with existing technologies.The success rate of detection can reach more than92% on average,and the effectiveness of the detection scheme of the binary encryption algorithm is verified in various ways.