基于流分析的可执行程序结构化表示工具

计算机工程与应用 ›› 2007, Vol. 43 ›› Issue (16): 95-98.

基于流分析的可执行程序结构化表示工具

王伟^1,2，韦韬¹，罗海宁²

1.北京大学计算机科学研究所，北京 100871
2.武警工程学院电子技术系，西安 710086

收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-06-01 发布日期:2007-06-01
通讯作者: 王伟

Executable program structural representation tool based on flow analysis

WANG Wei^1,2，WEI Tao¹，LUO Hai-ning²

1.Institute of Computer Science & Technology，Peking University，Beijing 100871，China
2.Department of Electronic Technology，Engineering College of the Armed Police Force，Xi’an 710086，China

Received:1900-01-01 Revised:1900-01-01 Online:2007-06-01 Published:2007-06-01
Contact: WANG Wei

摘要/Abstract

摘要： 直接面向可执行程序进行安全漏洞分析时，首先需要得到二进制代码的中间语言表示。探讨了流分析技术在汇编代码理解中的应用，并在Linux平台上实现了一个轻量级汇编代码结构化表示工具BESTAR。该系统利用控制流和数据流分析技术识别通用控制结构，分析程序执行流，重构表达式和函数，发现数据依赖关系，将汇编代码转换成一个结构化、易理解的中间语言程序，为进一步进行安全分析打下了基础。

Abstract: The first step of directly analyzing security vulnerabilities of an executable program is to obtain a structural intermediate representation of its binary code.This paper explores application of flow analysis in assembler understanding，and introduces a lightweight prototype of assembler structural representation tool that we implemented on Linux，named BESTAR.The system uses control flow analysis and data flow analysis techniques to identify common control structures，analyzes executive flow of a program，reconstruct expressions and functions，finds data dependency，finally transforms the assembler into a structural and easy-understanding intermediate language program and makes a good preparation for further security analysis.

王伟^1,2，韦韬¹，罗海宁². 基于流分析的可执行程序结构化表示工具[J]. 计算机工程与应用, 2007, 43(16): 95-98.

WANG Wei^1,2，WEI Tao¹，LUO Hai-ning². Executable program structural representation tool based on flow analysis[J]. Computer Engineering and Applications, 2007, 43(16): 95-98.