Abstract: The advantages and disadvantages of?existing behavioral analysis?system are analysed. To solve the problems encounted in reverse?analysis, such as?code?protection, instruction-level?dynamic?taint?analysis is studied and improved. Based on virtualization technology, a common reverse?analysis?platform is designed?to provide?assistance for?fields such as fuzzing and malicious-code detection. Plug-in?feature is supported to provide extendibility. The experimental?results?prove that ?with conventional?means of?reverse analysis, the proposed method can significantly improve the?analysis?efficiency.

Key words: virtualization, taint?analysis, reverse?analysis

摘要： 分析对比了现有的行为分析系统的优缺点，针对逆向分析过程中所遇到的代码保护技术等困难，研究并改进了指令级的动态污点分析技术。利用虚拟化技术，设计了一套具有通用性的逆向分析平台。研究插件结构实现可扩展性，以适应漏洞挖掘、恶意行为检测等领域的应用。经实验测试，该设计能与常规的逆向手段配合，显著地提高分析的效率。

关键词: 虚拟化, 污点分析, 逆向分析