MODEL OF DATA PREPARATION FOR ALLOCATION OF ALGORITHM FROM BINARY CODE FOR THE SAFETY ANALYSIS OF THE SOFTWARE
Main Article Content
Abstract
The subject of the study in the article is the use of technology of recovery of the algorithm for the allocation of binary attractors in the machine-independent form for the safety analysis of the software. The purpose is the first stage of the method of allocation of the algorithm from the binary code with the use of additional attractors - preparatory, which includes the task of allocating a set of attractors with simillar features and synthesis of information about the studied system. The following results are obtained. During the cource of the research the analysis of specialized simulators was performed. Such simulators allow to solve the problems of allocation (removal) of some algorithms from binary code. It was determined that additional attractors of the binary code of the program are required in order to increase he accuracy of software security testing. The general structure of the algorithm extraction from binary code is presented. A set of algorithms were developed. Conclusions. When combined they create the model of the first stage of data allocation of the algorithm from binary code for the analysis of software security. The key feature of development of this stage is the possibility of constructing a graph for arbitrary attractors, without restriction of the static nature of the code. This will allow a significant expansion of the spectrum of the program code under investigation, including codes with signs of a dynamic change. The further development of this research is to study the whole scheme and develop an appropriate method for allocating a binary code algorithm for software security analysis.
Article Details
References
Abushinov, O. (2017), Features of software security testing, available at: https://testitquickly.com/2010/11/20/22 (last accessed March 05, 2018).
Dorofeev A. (2017), Penetration testing: demonstration of one vulnerability or an objective evaluation of security, available at: https://www.npo-echelon.ru/doc/inside-dorofeev.pdf (last accessed March 05, 2018).
Zharkova, A.V. (2014), “On attractors in finite dynamical systems of binary vectors associated with palm orientations”, Applied Discrete Mathematics, Tomsk, No. 7, pp. 58-67.
Iljuk, D. (2017), Safety testing - choose the right one, available at: http://software-testing.ru/library/testing/security/1986-security-testing (last accessed March 05, 2018).
Kuznetsov, O.O. and Semenov, S.G. (2009), Protocols of the information zahistu at computer systems on that level, KhNURE, Kharkiv, 184 p.
Semenov, S.G. and Kassem, Khalifa (2017), “A complex of mathematical models for the process of disassembling software software”, Information technology and computer engineering, VNTU, Vinnitsa, No. 3 (40), pp. 61-68.
AMD SimNow Simulator (2016), available at: http://developer.amd.com/cpu/simnow/Pages/default.aspx (last accessed March 05, 2018).
IDA Pro – at the cornerstone of IT security (2016), available at: https://www.hex-rays.com/products/ida/ida-executive.pdf (last accessed March 05, 2018).
Ivancevic, Vladimir G., Ivancevic, Tijana T. (2007), High-Dimensional Chaotic and Attractor Systems: A Comprehensive Introduction, Springer Science & Business Media, 697 p.
Magnusson, P. S., Christensson, M., Eskilson, J., Forsgren, D., Hallberg, G., Hogberg, J., Larsson, F., Moestedt, A. and Werner, B. (2002), “A Full System Simulation Platform”, IEEE Computer, No 35 (2), pp. 50–58, available at : https://doi.org/10.1109/2.982916.
Robert, C. (2013), Seacord Secure Coding in C and C++, The SEI Series in Software Engineering, 569 p.