KEY GENERATION SOURCE IDENTIFICATION DEVICE, KEY GENERATION SOURCE IDENTIFICATION METHOD, AND COMPUTER READABLE MEDIUM

KEY GENERATION SOURCE IDENTIFICATION DEVICE, KEY GENERATION SOURCE IDENTIFICATION METHOD, AND COMPUTER READABLE MEDIUM

A key generation source identification device (10) is provided with a key identification unit (11) to cause malware to execute an encryption process, acquire an execution trace representing an execution status of the encryption process, and identify an encryption key used in the encryption process a...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: NEGI, Tomonori, NISHIKAWA, Hiroki, KAWAUCHI, Kiyoto
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A key generation source identification device (10) is provided with a key identification unit (11) to cause malware to execute an encryption process, acquire an execution trace representing an execution status of the encryption process, and identify an encryption key used in the encryption process as an analysis key based on the execution trace, and an extraction unit (31) to extract, from the execution trace, a list of instructions on which the analysis key depends, as an instruction list. The key generation source identification device (10) is also provided with an acquisition unit (32) to determine whether a function called by a call instruction included in the instruction list is a dynamic acquisition function that acquires dynamic information dynamically changing and, when the function is the dynamic acquisition function, acquire the instruction list as a candidate of a key generation source which is at least a part of a program that generated the analysis key in the encryption process.