Activity: Talk or presentation › Oral presentation
Description
Although the localization and classification of cryptographic functions in binary files is a growing challenge in
information security, it is still a time consuming and laborious task. In this work, we present FALKE-MC, a novel framework
that creates classifiers for arbitrary cryptographic algorithms from sample binaries. Functions are automatically recognized
and features as well as constants are extracted. They are used to train a neural network, which can then be applied to
classify functions in unknown binary files. The framework is fully automated, from the input of binary files and the creation
of a classifier through to the output of classification results. The evaluation shows that our approach offers a high detection
rate in combination with a low false positive rate. We are confident that FALKE-MC can simplify and accelerate the
localization and classification of cryptographic functions in practice.