An Exploratory Study of Software Reverse Engineering in a Security Context

Authors
  1. Treude, C.
  2. Figueira, F.
  3. Storey, M.-A.
  4. Salois, M.
Corporate Authors
Defence R&D Canada - Valcartier, Valcartier QUE (CAN); Victoria Univ, Victoria BC (CAN) Dept of Computer Science
Abstract
Illegal activities in cyberspace are increasing rapidly, and many software reverse engineers are tasked to respond to attacks by groups and individuals. A security-sensitive context such as the understanding of malware or the decryption of encrypted content brings unique challenges to reverse engineering: work has to be done offline, files can rarely be shared, time pressure is immense, and there is a lack of tool and process support for capturing and sharing the knowledge obtained while trying to understand plain assembly code. To help us gain an understanding of this reverse engineering work, we report on an exploratory study done in a security context at a research and development government organization to explore their work processes, tools and artifacts. We identify challenges such as the management and navigation of a myriad of artifacts. We conclude by offering suggestions for tool and process improvements.
Report Number
DRDC-VALCARTIER-SL-2011-379 — Scientific Literature
Date of publication
01 Jun 2011
Number of Pages
5
DSTKIM No
CA036911
CANDIS No
536558
Format(s):
Electronic Document(PDF)
