A program behavior recognition algorithm based on assembly instruction sequence similarity

  • Baojiang Cui
  • Chong WangEmail author
  • GuoWei Dong
  • JinXin Ma
Conference paper
Part of the Lecture Notes on Data Engineering and Communications Technologies book series (LNDECT, volume 2)


The analysis on assembly instruction sequence plays a vital role in the field of measuring software similarity, malware recognition and software analysis, etc. This paper summarizes the features of assembly instructions, builds a six-group model and puts forward an algorithm of calculating similarity of assembly instructions. On that base a set of methods of calculating similarity of assembly instruction sequence are summarized. The preliminary experimental results show that it has high efficiency and good effect.


Basic Block Static Recognition Operation Code Assembly Instruction National Engineer Laboratory 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
    Gröbert F, Willems C, Holz T. Automated Identification of Cryptographic Primitives in Binary Programs[J]. Lecture Notes in Computer Science, 2011:41-60.Google Scholar
  3. 3.
    Jingwei Zhang. Research on Public Key Cryptographic Algorithm Recognition Technology [D]. The PLA Information Engineering University, 2011.Google Scholar
  4. 4.
    LI Xiang, KANG Fei, SHU Hui. Cryptographic Algorithm Recognition Based on Dynamic Binary Analysis. Computer Engineering, 2012, 38(17): 106-109,115.Google Scholar
  5. 5.
    Caballero J, Yin H, Liang Z, et al. Polyglot: automatic extraction of protocol message format using dynamic binary analysis[J]. Ccs ’07 Proceedings of Acm Conference on Computer & Communications Security Acm, 2007:317–329.Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Baojiang Cui
    • 1
  • Chong Wang
    • 1
    Email author
  • GuoWei Dong
    • 2
  • JinXin Ma
    • 2
  1. 1.School of Computer ScienceBeijing University of Posts and Telecommunications, National Engineering Laboratory for Mobile Network SecurityBeijingChina
  2. 2.China Information Technology Security Evaluation CenterBeijingChina

Personalised recommendations