CY 640 Software Reverse Engineering
This course provides the ability to deduce the design of a software component, to determine how something works (i.e., recover the software specification), discover data used by software, and to aid in the analysis of software via disassembly and/or decompilation. Topics include malware analysis and auditing of closed source software. The ability to understand the software of unknown origin or software for which source code is unavailable is a critical skill within the cyber operations field.
Covered the following topics: reverse engineering techniques; reverse engineering for software specification recovery; reverse engineering for malware analysis; reverse engineering communications (to uncover communications protocols) deobfuscation of obfuscated code; common tools for reverse engineering such as disassemblers, debuggers, virtualization-based sandbox environments, process and file activity monitors, and network activity monitors
Outcomes
- This course will prepare students to:
- • Understand fundamental concepts of software reverse engineering.
- • Apply fundamentals, tools and techniques across multiple operating systems.
- • Analyze software construction, deconstruction, code analysis.
- • Evaluate common tools, programs, reverse engineering scenarios.
- • Create and execute a full-cycle reverse engineering procedure / process.