Apparatus and method for identifying constituent parts of software binaries

Apparatus and method for identifying constituent parts of software binaries

An example method for determining a software classification is provided. The example method may include determining a plurality of substream boundaries including a first substream boundary within a representation of a software binary, and segmenting the representation of the software binary into a p...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Lospinuso, Margaret F, Glendenning, Laura J, Chiou, Tzuhsiu, Vinson, Sterling E, McGill, Kathleen N, Harshavardhana, Sakunthala, Seng, Robert M
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:An example method for determining a software classification is provided. The example method may include determining a plurality of substream boundaries including a first substream boundary within a representation of a software binary, and segmenting the representation of the software binary into a plurality of substreams. The example method may further include generating a first count string for a first substream based on operational class token counts in a tokenization of the first substream, where the tokenization of the first substream may be based on a mapping of commands within the first substream to operational classes. The example method may further include performing a first count string comparison with a reference database to determine a first count string match, where the first count string comparison being based on the first count string, and classifying the software binary based on the first count string match.