US 12,339,952 B2
Program analysis device, program analysis method, and computer-readable medium
Yusuke Shimada, Tokyo (JP); and Takayuki Sasaki, Tokyo (JP)
Assigned to NEC CORPORATION, Tokyo (JP)
Appl. No. 18/021,001
Filed by NEC Corporation, Tokyo (JP)
PCT Filed Aug. 19, 2020, PCT No. PCT/JP2020/031227
§ 371(c)(1), (2) Date Feb. 13, 2023,
PCT Pub. No. WO2022/038701, PCT Pub. Date Feb. 24, 2022.
Prior Publication US 2024/0037215 A1, Feb. 1, 2024
Int. Cl. G06F 21/56 (2013.01); G06F 21/51 (2013.01)
CPC G06F 21/51 (2013.01) [G06F 2221/033 (2013.01)] 6 Claims
OG exemplary drawing
 
1. A program analysis device comprising:
at least one memory storing instructions; and
at least one processor configured to execute the instructions to:
extract code blocks having specific qualities from code blocks included in binary data of a program;
calculate, for each code block that is extracted, based on the contents of operations in each code block, a backdoor score, which is a score indicating the possibility of each code block being a backdoor code or a score indicating the degree of impact of each code block on a system when it is executed; and
output the code blocks that are extracted and the backdoor score that is calculated for each of the extracted code blocks,
wherein the at least one processor is further configured to execute the instructions to:
extract, from the code blocks included in the binary data, code blocks that cannot be reached through a normal control flow when the program is executed as the code blocks having specific qualities; or
extract, from the codes included in the binary data, code blocks which do not go through the prescribed function as the code blocks having specific qualities.