DocumentCode :
2329977
Title :
An Exploratory Study of Software Reverse Engineering in a Security Context
Author :
Treude, Christoph ; Filho, Fernando Figueira ; Storey, Margaret-Anne ; Salois, Martin
Author_Institution :
Dept. of Comput. Sci., Univ. of Victoria, Victoria, BC, Canada
fYear :
2011
fDate :
17-20 Oct. 2011
Firstpage :
184
Lastpage :
188
Abstract :
Illegal cyberspace activities are increasing rapidly and many software engineers are using reverse engineering methods to respond to attacks. The security-sensitive nature of these tasks, such as the understanding of malware or the decryption of encrypted content, brings unique challenges to reverse engineering: work has to be done offline, files can rarely be shared, time pressure is immense, and there is a lack of tool and process support for capturing and sharing the knowledge obtained while trying to understand plain assembly code. To help us gain an understanding of this reverse engineering work, we report on an exploratory study done in a security context at a research and development government organization to explore their work processes, tools, and artifacts. In this paper, we identify challenges, such as the management and navigation of a myriad of artifacts, and we conclude by offering suggestions for tool and process improvements.
Keywords :
cryptography; reverse engineering; software engineering; assembly code; cyberspace activity; decryption; encrypted content; malware; security context; software reverse engineering; time pressure; Assembly; Context; Documentation; Malware; Reverse engineering; Software; exploratory study; reverse engineering; security setting;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Reverse Engineering (WCRE), 2011 18th Working Conference on
Conference_Location :
Limerick
ISSN :
1095-1350
Print_ISBN :
978-1-4577-1948-6
Type :
conf
DOI :
10.1109/WCRE.2011.30
Filename :
6079841
Link To Document :
بازگشت