Preview

«System analysis and applied information science»

Advanced search

Algorithm for extracting metadata from an executable file At the disassembly stage of software

https://doi.org/10.21122/2309-4923-2026-1-77-81

Abstract

The article presents an algorithm for automatic extraction of metadata from executable software files at the disassembly stage. Methods for reading binary content, converting byte sequences into string representation, and filtering the obtained data using PowerShell and strings.exe utility are considered. An experiment was conducted confirming the possibility of extracting structural and textual elements of executable modules without their complete decompilation. The aim of this work is to improve the efficiency of analyzing binary applications by highlighting internal structural data at an early research stage. Methods used include static analysis, reverse engineering, text analytics, PowerShell scripting, and command-line tools. Results achieved include a working algorithm capable of extracting basic metadata characterizing the structure and functional dependencies of executable code. The scientific novelty of the research consists in the following points: A new algorithm has been developed for extracting metadata from executable files without decompiling or loading them into a disassembler; A method of binary analysis with sequential transformation of byte arrays into text form with data filtration has been proposed; Integration of PowerShell and strings.exe utilities into a unified analysis scheme ensuring compatibility and automation has been implemented; Classification of extracted data into textual, system, and structural elements has been defined; Textual analytics technique has been applied for the first time in the context of binary analysis, thus expanding reverse engineering methods.

About the Author

I. Moskalev
Moscow Technical University of Communications and Informatics
Russian Federation

I. Moskalev – аssistant.

Narodnoe Opolchenie St., 32,
123423, Moscow,
Russia

i.s.moskalev@mtuci.ru



References

1. Balanov A.N. Kompleksnaya informatsionnaya bezopasnost. Polnyy spravochnik spetsialista. Prakticheskoye posobiye [Comprehensive Information Security. Complete reference book for specialists. Practical guide]. Moscow: Infra-Inzheneriya; 2024. 156 p. (in Russian).

2. Barkov A.V., Kiselev A.S. Vliyaniye tsifrovizatsii na pravovoye obespecheniye informatsionnoy bezopasnosti gosudarstva i biznesa v usloviyakh sovremennykh geopoliticheskikh vyzovov [The Impact of Digitalization on the Legal Regulation of the Information Security of State and Business in the Conditions of Modern Geopolitical Challenges]. Bezopasnost Biznesa. 2022;3:3–7 (in Russian).

3. Barkov A.V., Kiselev A.S. O pravovom obespechenii bezopasnosti informatsionno-telekommunikatsionnoy infrastruktury bankov i gosudarstvennykh struktur [On the Legal Support for the Security of Information and Telecommunication Infrastructure of Banks and Government Agencies]. Bankovskoye Pravo. 2022;4:20–27 (in Russian).

4. Bondarev V.V. Vvedeniye v informatsionnuyu bezopasnost avtomatizirovannykh sistem [Introduction to the Information Security of Automated Systems]. 3rd ed. Moscow: Izdatel’stvo MGTU im. N. E. Baumana; 2021. 250 p. (in Russian).

5. Melnikov V.P. Kupriyanov A.I., Vasilyeva T.Yu. Informatsionnaya bezopasnost [Information Security]. 2nd ed., revised and supplemented. Moscow: KnoRus; 2020. 371 p. (in Russian).

6. Galygina L.V., Galygina I.V. Sotsialnyye aspekty informatsionnoy bezopasnosti [Social Aspects of Information Security]. Moscow: Lan; 2021. 64 p. (in Russian).

7. Grishina N.V. Osnovy informatsionnoy bezopasnosti predpriyatiya [Fundamentals of Enterprise Information Security]. Moscow: Infra-M; 2021. 216 p. (in Russian).


Review

For citations:


Moskalev I. Algorithm for extracting metadata from an executable file At the disassembly stage of software. «System analysis and applied information science». 2026;(1):77-81. (In Russ.) https://doi.org/10.21122/2309-4923-2026-1-77-81

Views: 187

JATS XML


Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.


ISSN 2309-4923 (Print)
ISSN 2414-0481 (Online)