Research Article
BAHK: Flexible Automated Binary Analysis Method with the Assistance of Hardware and System Kernel
Table 1
Other results by the first specific analysis approach.
| | Program | Number of EPT violations (million) | Proportion of simple paths (%) | Processor time (PM-FI) | Physical memory occupation (PM-FI) | Execution time of PM (s) |
| | Tasklist | 16.8 | 91 | 24%-24% | 53M-41M | 10.2 | | Systeminfo | 6.9 | 88 | 22%-24% | 51M-37M | 9.3 | | Certutil | 25.3 | 92 | 25%-25% | 45M-36M | 7.2 | | Notepad | 9.1 | 87 | 18%-19% | 84M-42M | 20 | | XPS | 16.6 | 89 | 22%-23% | 90M-44M | 21 | | FFmpeg | 34.8 | 91 | 21%-24% | 64M-45M | 11.2 | | WinRAR | 201.1 | 98 | 28%-65% | 92M-85M | 9.7 | | Curl | 8.9 | 94 | 16%-21% | 33M-35M | 9.0 |
|
|
