Journal of Computer Applications ›› 2012, Vol. 32 ›› Issue (04): 1060-1063.DOI: 10.3724/SP.J.1087.2012.01060
• Artificial intelligence • Previous Articles Next Articles
ZHANG Ping,JIANG Lie-hui,LIU Tie-ming,XIE Yao-bin
Received:
Revised:
Online:
Published:
Contact:
张平,蒋烈辉,刘铁铭,谢耀滨
通讯作者:
作者简介:
Abstract: Aiming at the problem that operating system type is difficult to recognize in embedded firmware reversing analysis, an recognition technology which is based on MADM(Multi-attribute Decision Making) was proposed. Comprehensively analyzed the multiply features in the firmware, built a recognition model, calculated the similarity using the vector included angle cosine method. The basic idea of recognition and the concrete realization of the process were described. Experimental results show that this method can get more accurate recognition results in some cases that some features are missed.
Key words: embedded, firmware, reverse analysis, operating system, Multi-attribute Decision Making(MADM), vector included angle cosine, similarity
摘要: 针对嵌入式固件逆向解析过程中操作系统类型识别困难的问题,提出了一种基于多属性决策的嵌入式操作系统识别技术。对固件映像中反映出的嵌入式操作系统的多种特征进行综合分析并构建了相关的识别模型,利用向量夹角余弦计算与标准系统之间的相似度。阐述了识别的基本思想和具体实现流程。实验结果表明,该方法在某些特征缺失的情况下仍能得到较准确的识别结果。
关键词: 嵌入式, 固件, 逆向解析, 操作系统, 多属性决策, 向量夹角余弦, 相似度
CLC Number:
TP316
ZHANG Ping JIANG Lie-hui LIU Tie-ming XIE Yao-bin. Research of embedded systems recognition based on MADM2[J]. Journal of Computer Applications, 2012, 32(04): 1060-1063.
张平 蒋烈辉 刘铁铭 谢耀滨. 基于多属性决策的嵌入式操作系统识别技术研究2[J]. 计算机应用, 2012, 32(04): 1060-1063.
0 / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://www.joca.cn/EN/10.3724/SP.J.1087.2012.01060
http://www.joca.cn/EN/Y2012/V32/I04/1060