The Method and Software Tool for Identification of the Machine Code Architecture in Cyberphysical Devices

Bibliographic Details
Published in Journal of sensor and actuator networks Vol. 12; no. 1; p. 11
Main Authors Kotenko, Igor; Izrailov, Konstantin; Buinevich, Mikhail
Format Journal Article
Language English
Published Basel MDPI AG 01.01.2023
ISSN 2224-2708
DOI 10.3390/jsan12010011

Summary: This work solves the problem of identification of the machine code architecture in cyberphysical devices. A basic systematization of the Executable and Linkable Format and Portable Executable formats of programs, as well as the analysis mechanisms used and the goals achieved, is made. An ontological model of the subject area is constructed, introducing the basic concepts and their relationships. The specificity of the machine code is analyzed, and an analytical record of the process of identifying the architecture of the machine code (MC) processor is obtained. A method for identifying the MC architecture has been synthesized, which includes three successive phases: unpacking the OS image (for a set of identified architectures); building signatures of architectures (their “digital portraits” from the position of MC instructions); identification of the MC architecture for the program under test (using the collected architecture signatures), implemented using four operating modes. A software tool for identifying the MC architecture has been developed in the form of a separate utility that implements the algorithms of the method. The principle of operation of the utility is presented in the form of functional and informational diagrams. Basic testing of the identification utility has been conducted. As a result, a probabilistic assessment of the utility’s work was obtained by assigning various programs to the Top-16 selected architectures.