Top-Level Goals in Reverse Engineering Executable Software
ABSTRACT
People perform reverse engineering to discover vulnerabilities, to understand how attackers could exploit vulnerabilities, and to determine ways in which vulnerabilities might be mitigated. People reverse engineer executable programs to determine the structure, function, and behavior of software from unknown provenance that may not be trustworthy or safe to use.
Reverse engineering also allows the investigation of malicious code to understand how it works and how to circumvent self-protection and stealth techniques used by malware authors. Finally, reverse engineering can help engineers determine how to interface with legacy software that only exists in executable form. Although each of these applications of reverse engineering provides part of an organization’s defensive knowledge of its information systems, there has been relatively little work in understanding the human factors involved with reverse engineering software from executable code. Consequently, reverse engineering work remains a highly specialized skill, and many reverse engineering tools are difficult for analysts to use. To better understand the human factors considerations of reverse engineering executable software, the authors conducted semi-structured interviews with five nationally-renowned subject matter expert reverse engineers and analyzed the verbal data from the interviews using two analysis approaches. Thematic analysis techniques borrowed from educational psychology were used to investigate themes from the interview responses, first at the idea level, then at the sentence level. The responses were decomposed into a set of main goals described in this paper.
AUTHORS
Riverside Research
Beavercreek, OH, USA
Adam Bryant earned a BS in Social Psychology from Park University in 2001, an MS in Information Resource Management from the Air Force Institute of Technology (AFIT) in 2007, a second MS in Computer Science from AFIT in 2007, and a PhD in Computer Science from AFIT in 2012.
Air Force Institute of Technology
Wright-Patterson AFB, OH, USA
Department of Systems and Engineering Management, Air Force Institute of Technology, Wright-Patterson AFB, OH, USA
Michael R. Grimaila (BSEE 1993; MSEE 1995; Ph.D. 1999, Texas A&M University) is a professor and the head of the Department of Systems Engineering and Management at the Air Force Institute of Technology, Wright-Patterson Air Force Base in Ohio, U.S. He is a member of Tau Beta Pi, Eta Kappa Nu, and the Association for Computing Machinery, and a Senior Member of the IEEE, as well as a Fellow of the Information System Security Association.
Air Force Institute of Technology
Wright-Patterson AFB, OH, USA
Published In
Journal of Information Warfare