Top-Level Goals in Reverse Engineering Executable Software

ABSTRACT

People perform reverse engineering to discover vulnerabilities, to understand how attackers could exploit vulnerabilities, and to determine ways in which vulnerabilities might be mitigated. People reverse engineer executable programs to determine the structure, function, and behavior of software from unknown provenance that may not be trustworthy or safe to use.

Reverse engineering also allows the investigation of malicious code to understand how it works and how to circumvent self-protection and stealth techniques used by malware authors. Finally, reverse engineering can help engineers determine how to interface with legacy software that only exists in executable form. Although each of these applications of reverse engineering provides part of an organization’s defensive knowledge of its information systems, there has been relatively little work in understanding the human factors involved with reverse engineering software from executable code. Consequently, reverse engineering work remains a highly specialized skill, and many reverse engineering tools are difficult for analysts to use. To better understand the human factors considerations of reverse engineering executable software, the authors conducted semi-structured interviews with five nationally-renowned subject matter expert reverse engineers and analyzed the verbal data from the interviews using two analysis approaches. Thematic analysis techniques borrowed from educational psychology were used to investigate themes from the interview responses, first at the idea level, then at the sentence level. The responses were decomposed into a set of main goals  described in this paper.


AUTHORS

Riverside Research
Beavercreek, OH, USA

Adam Bryant earned a BS in Social Psychology from Park University in 2001, an MS in Information Resource Management from the Air Force Institute of Technology (AFIT) in 2007, a second MS in Computer Science from AFIT in 2007, and a PhD in Computer Science from AFIT in 2012.

Air Force Institute of Technology
Wright-Patterson AFB, OH, USA

Photo of Michael Grimaila

Department of Systems and Engineering Management, Air Force Institute of Technology& Wright-Patterson AFB, OH,
USA

Michael R. Grimaila (BSEE 1993; MSEE 1995; Ph.D. 1999, Texas A&M University) is a professor and the head of the Department of Systems Engineering and Management at the Air Force Institute of Technology, Wright-Patterson Air Force Base in Ohio, U.S. He is a member of Tau Beta Pi, Eta Kappa Nu, and the Association for Computing Machinery, and a Senior Member of the IEEE, as well as a Fellow of the Information System Security Association. 

Air Force Institute of Technology
Wright-Patterson AFB, OH, USA

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

P

PDA

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com