SVM-based Instruction Set Identification for Grid Device Firmware

Identifying the binary program instruction set is an important prerequisite for reverse analysis of firmware, but grid device firmware usually lacks a program description header, which poses a serious challenge to instruction set identification. This paper proposes an SVM-based instruction set recognition method(SVM-IBPS). First, the optimal feature list is obtained by the instruction set feature selection method of information gain, and then the SVM-IBPS model is trained by Support Vector Machine and tested in the dataset of 111,918 executable files, which is decompressed and extracted from the embedded device firmware. Finally, a comparative experiment was conducted with Binwalk and SVM-IBPS. The experimental results show that the accuracy of SVM-IBPS on the test dataset is 98.97%, which is 20.7% higher than that of Binwalk, and the time cost is only about one-ninth of it.