2021-2022 Catalog

ISEC 640 Software Reverse Engineering

This course provides the ability to deduce the design of a software component, to determine how something works (i.e., recover the software specification), discover data used by software, and to aid in the analysis of software via disassembly and/or decompilation. The ability to understand the software of unknown origin or software for which source code is unavailable is a critical skill within the cyber operations field. Use cases include malware analysis and auditing of closed source software.

Covered re the following topics: reverse engineering techniques; reverse engineering for software specification recovery; reverse engineering for malware analysis; reverse engineering communications (to uncover communications protocols) deobfuscation of obfuscated code; common tools for reverse engineering such as disassemblers, debuggers, virtualization-based sandbox environments, process and file activity monitors, and network activity monitors.

Credits

3

Outcomes

  1. This course will prepare students to:
  2. Understand fundamental concepts of software reverse engineering.
  3. Apply fundamentals, tools and techniques across multiple operating systems.
  4. Analyze software construction, deconstruction, code analysis.
  5. Evaluate common tools, programs, reverse engineering scenarios.
  6. Create and execute a full-cycle reverse engineering procedure/process.