Title :
Hybrid Method to Analyze Cryptography in Software
Author :
Li Ji-Zhong ; Jiang Lie-Hui ; Yin Qing ; Xie Yao-Bin
Author_Institution :
Inf. Sci. & Technol. Inst., Zhengzhou, China
Abstract :
Cryptography reversing of software has playing an important role in malware detecting and vulnerability mining recently. This paper has proposed a four-level cryptography reversing model which contains crypto algorithms recognition, crypto mechanism reversing, wrong/weak implement, vulnerability mining. Both dynamic and static analysis technology takes its shortage, for solving this problem, we have brought forward a hybrid method based on the assumption that static disassemble result is correct, and have studied the density of arithmetic and bit wise operation, crypto dynamic constants and entropy value of memory operation data to filter the cryptography primitives.
Keywords :
cryptography; data mining; entropy; invasive software; program diagnostics; safety-critical software; arithmetic operation; bitwise operation; crypto algorithm recognition; crypto dynamic constants; crypto mechanism reversing; cryptography primitives filtering; dynamic analysis technology; entropy value; four-level cryptography reversing model; hybrid method; malware detection mining; malware vulnerability mining; memory operation data; security software; static analysis technology; Algorithm design and analysis; Encryption; Entropy; Heuristic algorithms; Software; Software algorithms; cryptography reversing model; dynamic constant; entropy value; hybrid analysis;
Conference_Titel :
Multimedia Information Networking and Security (MINES), 2012 Fourth International Conference on
Conference_Location :
Nanjing
Print_ISBN :
978-1-4673-3093-0
DOI :
10.1109/MINES.2012.121
