Method and algorithms of visual audit of program interaction

Mikhail V. Buinevich, Konstantin E. Izrailov, Igor V. Kotenko, Pavel A. Kurta
2021 Journal of Internet Services and Information Security  
Modern software products consist of a lot of executable files. Simultaneously, there are complex data flows between them. As a result, the task of auditing such data interactions of programs arises. In particular, this can be in demand in the field of information security for detecting holes in architectures of solutions. Such types of programs as PE (for Windows), ELF (for Linux), CIL (.Net bite code), JBC (Java bite code) and Script (interpretable code) should be mentioned. The types of
more » ... ctions include direct program fetching, direct import of libraries and exchange of external files. The paper discusses the authors' own method of analysing software products and visualizing the interaction of programs to be studied by the Expert subsequently. The work of the method is based on the generalized model of interactions set analytically. The authors describe the results of the experiment with the developed prototype, implementing this method for five standardized and qualitatively different software products. The results of the experiment are analyzed by the expert from the point of view of product information security. A conclusion is made about the necessity of automatizing the expert's work. For this purpose, we propose the corresponding algorithms as the pseudo-code.
doi:10.22667/jisis.2021.02.28.016 dblp:journals/jisis/BuinevichIKK21 fatcat:65mcfrw6dff53pite2ckc4o3vu