research-article

Free access

An observational investigation of reverse engineers' processes

AUTHORs:

Daniel Votipka,

Kristopher Micinski,

Jeffrey S. Foster,

Michelle M. MazurekAuthors Info & Claims

SEC'20: Proceedings of the 29th USENIX Conference on Security Symposium

Article No.: 106, Pages 1875 - 1892

Published: 12 August 2020 Publication History

PDF eReader Publisher Site

Abstract

Reverse engineering is a complex process essential to software-security tasks such as vulnerability discovery and malware analysis. Significant research and engineering effort has gone into developing tools to support reverse engineers. However, little work has been done to understand the way reverse engineers think when analyzing programs, leaving tool developers to make interface design decisions based only on intuition.

This paper takes a first step toward a better understanding of reverse engineers' processes, with the goal of producing insights for improving interaction design for reverse engineering tools. We present the results of a semi-structured, observational interview study of reverse engineers (N=16). Each observation investigated the questions reverse engineers ask as they probe a program, how they answer these questions, and the decisions they make throughout the reverse engineering process. From the interview responses, we distill a model of the reverse engineering process, divided into three phases: overview, sub-component scanning, and focused experimentation. Each analysis phase's results feed the next as reverse engineers' mental representations become more concrete. We find that reverse engineers typically use static methods in the first two phases, but dynamic methods in the final phase, with experience playing large, but varying, roles in each phase. Based on these results, we provide five interaction design guidelines for reverse engineering tools.

References

[1]

D. Votipka, R. Stevens, E. M. Redmiles, J. Hu, and M. L. Mazurek, "Hackers vs. testers: A comparison of software vulnerability discovery processes," in IEEE S&P '18, May 2018, pp. 374-391.

[2]

M. Ceccato, P. Tonella, C. Basile, B. Coppens, B. De Sutter, P. Falcarin, and M. Torchiano, "How professional hackers understand protected code while performing attack tasks," in ICPC '17. Piscataway, NJ, USA: IEEE Press, 2017, pp. 154-164. [Online]. Available:.

Digital Library

[3]

E. Eilam, Reversing: secrets of reverse engineering. John Wiley & Sons, 2011.

[4]

D. Fraze, "Computer and Humans Exploring Software Security (CHESS)," DARPA, 2017, (Accessed 05-31-2019). [Online]. Available: https://www.darpa.mil/program/computers-and-humans-exploring-software-security.

[5]

K. Yakdan, S. Dechand, E. Gerhards-Padilla, and M. Smith, "Helping johnny to analyze malware: A usability-optimized decompiler and malware analysis user study," in IEEE S&P '16, May 2016, pp. 158- 177.

[6]

Y. Shoshitaishvili, M. Weissbacher, L. Dresel, C. Salls, R. Wang, C. Kruegel, and G. Vigna, "Rise of the hacrs: Augmenting autonomous cyber reasoning systems with human assistance," in CCS '17. ACM, 2017.

Digital Library

[7]

N. Rutar, C. B. Almazan, and J. S. Foster, "A comparison of bug finding tools for java," in ISSRE '04. IEEE Computer Society, 2004, pp. 245-256.

[8]

D. Baca, B. Carlsson, K. Petersen, and L. Lundberg, "Improving software security with static automated code analysis in an industry setting." Software: Practice and Experience, vol. 43, no. 3, pp. 259-279, 2013.

[9]

A. Doupé, M. Cova, and G. Vigna, "Why johnny can't pentest: An analysis of black-box web vulnerability scanners," in DIMVA '10. Springer-Verlag, 2010, pp. 111-131.

[10]

A. Austin and L. Williams, "One technique is not enough: A comparison of vulnerability discovery techniques," in ESEM '11. IEEE Computer Society, 2011, pp. 97-106.

Digital Library

[11]

N. Antunes and M. Vieira, "Comparing the effectiveness of penetration testing and static code analysis on the detection of sql injection vulnerabilities in web services," in PRDC '09. IEEE Computer Society, 2009, pp. 301-306.

Digital Library

[12]

L. Suto, "Analyzing the effectiveness and coverage of web application security scanners," BeyondTrust, Inc, Tech. Rep., 2007. [Online]. Available: https://www.beyondtrust.com/resources/white-paper/analyzing-the-effectiveness-and-coverage-of-web-application-security-scanners/

[13]

L. Suto, "Analyzing the accuracy and time costs of web application security scanners," BeyondTrust, Inc, Tech. Rep., 2010. [Online]. Available: https://www.beyondtrust.com/wp-content/uploads/Analyzing-the-Accuracy-and-Time-Costs-of-Web-Application-Security-Scanners.pdf

[14]

G. McGraw and J. Steven, "Software [in]security: Comparing apples, oranges, and aardvarks (or, all static analysis tools are not created equal," Cigital, 2011, (Accessed 02-26-2017). [Online]. Available: http://www.informit.com/articles/article.aspx?p=1680863

[15]

W. Enck, P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth, "Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones," in OSDI '10. Berkeley, CA, USA: USENIX Association, 2010, pp. 393-407. [Online]. Available: http://dl.acm.org/citation.cfm?id=1924943.1924971

[16]

C. Cadar, D. Dunbar, D. R. Engler et al., "Klee: Unassisted and automatic generation of high-coverage tests for complex systems programs." in OSDI '08, vol. 8, 2008, pp. 209-224.

[17]

S. K. Cha, T. Avgerinos, A. Rebert, and D. Brumley, "Unleashing mayhem on binary code," in IEEE S&P '12. IEEE Computer Society, 2012, pp. 380-394.

[18]

N. Stephens, J. Grosen, C. Salls, A. Dutcher, R. Wang, J. Corbetta, Y. Shoshitaishvili, C. Kruegel, and G. Vigna, "Driller: Augmenting fuzzing through selective symbolic execution," in NDSS '16, no. 2016. Internet Society, 2016, pp. 1-16.

[19]

Hex-Rays, "Ida: About," 2019, (Accessed 05-30-2019). [Online]. Available: https://www.hex-rays.com/products/ida/

[20]

Vector35, "Binary.ninja: A reverse engineering platform," 2019, (Accessed 05-30-2019). [Online]. Available: https://binary.ninja/

[21]

Synopsys, "Coverity scan - static analysis," 2019, (Accessed 05-30-2019). [Online]. Available: https://scan.coverity.com/

[22]

ForAllSecure, "Forallsecure," 2019, (Accessed 05-30-2019). [Online]. Available: https://forallsecure.com/

[23]

Hex-Rays, "Plug-in contest 2018: Hall of fame," 2019, (Accessed 05- 30-2019). [Online]. Available: https://www.hex-rays.com/contests/2018/index.shtml

[24]

Vector35, "Vector35/community-plugins," 2019, (Accessed 05-30- 2019). [Online]. Available: https://github.com/Vector35/community-plugins/tree/master/plugins

[25]

B. Shneiderman and C. Plaisant, Designing the User Interface: Strategies for Effective Human-Computer Interaction, 4th ed. Pearson, 2016.

[26]

S. Letovsky, "Cognitive processes in program comprehension," in ESP '86. Norwood, NJ, USA: Ablex Publishing Corp., 1986, pp. 58-79. [Online]. Available: http://dl.acm.org/citation.cfm?id=21842.28886

[27]

T. D. LaToza, D. Garlan, J. D. Herbsleb, and B. A. Myers, "Program comprehension as fact finding," in ESEC/FSE '07. New York, NY, USA: ACM, 2007, pp. 361-370. [Online]. Available:.

Digital Library

[28]

V. Arunachalam and W. Sasso, "Cognitive processes in program comprehension: An empirical analysis in the context of software reengineering," Journal on System Software, vol. 34, no. 3, pp. 177- 189, Sep. 1996. [Online]. Available:.

Digital Library

[29]

T. Roehm, R. Tiarks, R. Koschke, and W. Maalej, "How do professional developers comprehend software?" in ICSE '12. Piscataway, NJ, USA: IEEE Press, 2012, pp. 255-265. [Online]. Available: http://dl.acm.org/citation.cfm?id=2337223.2337254

[30]

L. Gugerty and G. Olson, "Debugging by skilled and novice programmers," in CHI '86. New York, NY, USA: ACM, 1986, pp. 171-174. [Online]. Available:.

Digital Library

[31]

R. Brooks, "Towards a theory of the comprehension of computer programs," International Journal of Man-Machine Studies, vol. 18, no. 6, pp. 543 - 554, 1983. [Online]. Available: http://www.sciencedirect.com/science/article/pii/S0020737383800315

[32]

A. Von Mayrhauser and A. Vans, "Industrial experience with an integrated code comprehension model," Software Engineering Journal, vol. 10, no. 5, pp. 171-182, 1995.

[33]

F. Detienne, "Chapter 3.1 - expert programming knowledge: A schema-based approach," in Psychology of Programming. London: Academic Press, 1990, pp. 205 - 222. [Online]. Available: http://www.sciencedirect.com/science/article/pii/B9780123507723500185

[34]

A. J. Ko, B. A. Myers, M. J. Coblenz, and H. H. Aung, "An exploratory study of how developers seek, relate, and collect relevant information during software maintenance tasks," IEEE Transactions on Software Engineering, vol. 32, no. 12, pp. 971-987, Dec. 2006. [Online]. Available:.

Digital Library

[35]

N. Pennington, "Stimulus structures and mental representations in expert comprehension of computer programs," Cognitive Psychology, vol. 19, no. 3, pp. 295 - 341, 1987. [Online]. Available: http://www.sciencedirect.com/science/article/pii/0010028587900077

[36]

D. C. Littman, J. Pinto, S. Letovsky, and E. Soloway, "Mental models and software maintenance," in ESP '86. Norwood, NJ, USA: Ablex Publishing Corp., 1986, pp. 80-98. [Online]. Available: http://dl.acm.org/citation.cfm?id=21842.28887

[37]

E. J. Chikofsky and J. H. Cross, "Reverse engineering and design recovery: a taxonomy," IEEE Software, vol. 7, no. 1, pp. 13-17, Jan 1990.

Digital Library

[38]

P. OKane, S. Sezer, and K. McLaughlin, "Obfuscation: The hidden malware," IEEE Security and Privacy, vol. 9, no. 5, pp. 41-47, Sep. 2011.

Digital Library

[39]

M. Ligh, S. Adair, B. Hartstein, and M. Richard, Malware analyst's cookbook and DVD: tools and techniques for fighting malicious code. John Wiley & Sons, 2010.

Digital Library

[40]

A. Harper, S. Harris, J. Ness, C. Eagle, G. Lenkey, and T. Williams, Gray hat hacking: the ethical hacker's handbook, 3rd ed. McGraw-Hill Education, 2018.

[41]

G. A. Klein, "Recognition-primed decisions," Advances in manmachine systems research, vol. 5, pp. 47-92, 1989.

[42]

G. A. Klein, R. Calderwood, and A. Clinton-Cirocco, "Rapid decision making on the fire ground," in HFES '86, vol. 30, no. 6. Sage Publications Sage CA: Los Angeles, CA, 1986, pp. 576-580.

[43]

J. A. Cannon-Bowers and E. E. Salas, Making decisions under stress: Implications for individual and team training. American psychological association, 1998.

[44]

G. A. Klein, R. Calderwood, and D. Macgregor, "Critical decision method for eliciting knowledge," ICSMCCCS '89, vol. 19, no. 3, pp. 462-472, 1989.

[45]

G. A. Klein, Sources of power: How people make decisions. MIT press, 2017.

[46]

A. Bryant, "Understanding how reverse engineers make sense of programs from assembly language representations," Ph.D. dissertation, US Air Force Institute of Technology, 01 2012.

[47]

K. G. Ross, G. A. Klein, P. Thunholm, J. F. Schmitt, and H. C. Baxter, "The recognition-primed decision model," Army Combined Arms Center Military Review, Tech. Rep., 2004.

[48]

C. E. Zsambok and G. Klein, Naturalistic decision making. Psychology Press, 2014.

[49]

G. A. Klein and C. P. Brezovic, "Design engineers and the design process: Decision strategies and human factors literature," Human Factors in Ergonomics and Society, vol. 30, no. 8, pp. 771-775, 1986.

[50]

G. Klein, D. Klinger, and T. Miller, "Using decision requirements to guide the design process," in ICSMCCCS '97, vol. 1, Oct 1997, pp. 238-244 vol.1.

[51]

J. Rasmussen, "Skills, rules, and knowledge; signals, signs, and symbols, and other distinctions in human performance models," ICSMCCCS '83, vol. SMC-13, no. 3, pp. 257-266, May 1983.

[52]

T. Yamaguchi, H. Nitta, J. Miyamichi, and T. Takagi, "Distributed sensory intelligence architecture for human centered its," in IECON '00, vol. 1, Oct 2000, pp. 509-514 vol.1.

[53]

H. Ohno, "Analysis and modeling of human driving behaviors using adaptive cruise control," in IECON '00, vol. 4, Oct 2000, pp. 2803- 2808 vol.4.

[54]

M. A. J. Arne Worm, "Information-centered human-machine systems analysis for tactical command and control systems modeling and development," in ICSMCCCS '00, vol. 3, Oct 2000, pp. 2240-2246 vol.3.

[55]

S. Akbari and M. B. Menhaj, "A new framework of a decision support system for air to air combat tasks," in ICSMCCCS '00, vol. 3, Oct 2000, pp. 2019-2022 vol.3.

[56]

T. E. Miller, S. P. Wolf, M. L. Thordsen, and G. Klein, "A decision-centered approach to storyboarding anti-air warfare interfaces," Fairborn, OH: Klein Associates Inc. Prepared under contract, no. 66001, 1992.

[57]

K. Ohtsuka, ""scheduling tracing", a technique of knowledge elicitation for production scheduling," in ICSMCCCS '97, vol. 2, Oct 1997, pp. 1033-1038 vol.2.

[58]

D. W. Klinger, R. Stottler, and S. R. LeClair, "Manufacturing application of case-based reasoning," in NAECON '92, May 1992, pp. 855-859 vol.3.

[59]

A. Von Mayrhauser and S. Lang, "Program comprehension and enhancement of software," in IFIP World Computing Congress on Information Technology and Knowledge Engineering, 1998.

[60]

T. D. LaToza and B. A. Myers, "Developers ask reachability questions," in ICSE '10. New York, NY, USA: ACM, 2010, pp. 185-194. [Online]. Available:.

Digital Library

[61]

B. Johnson, Y. Song, E. Murphy-Hill, and R. Bowdidge, "Why don't software developers use static analysis tools to find bugs?" in ICSE '13. IEEE Press, 2013, pp. 672-681.

[62]

J. Smith, B. Johnson, E. Murphy-Hill, B. Chu, and H. R. Lipford, "Questions developers ask while diagnosing potential security vulnerabilities with static analysis," in ESEC/FSE '15. New York, NY, USA: ACM, 2015, pp. 248-259.

[63]

S. Krüger, J. Späth, K. Ali, E. Bodden, and M. Mezini, "CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs," in ECOOP '18, ser. Leibniz International Proceedings in Informatics (LIPIcs), T. Millstein, Ed., vol. 109, Dagstuhl, Germany, 2018, pp. 10:1-10:27.

[64]

K. Charmaz, Constructing Grounded Theory: A Practical Guide Through Qualitative Analysis. SagePublication Ltd, London, 2006.

[65]

J. Annett, "Hierarchical task analysis," Handbook of cognitive task design, vol. 2, pp. 17-35, 2003.

[66]

A. Strauss and J. Corbin, Basics of qualitative research: Techniques and procedures for developing grounded theory. Newbury Park, CA: Sage, 1998, vol. 15.

[67]

A. F. Hayes and K. Krippendorff, "Answering the call for a standard reliability measure for coding data," Communication methods and measures, vol. 1, no. 1, pp. 77-89, 2007.

[68]

D. G. Freelon, "Recal: Intercoder reliability calculation as a web service," International Journal of Internet Science, vol. 5, no. 1, pp. 20-33, 2010.

[69]

M. Lombard, J. Snyder-Duch, and C. C. Bracken, "Content analysis in mass communication: Assessment and reporting of intercoder reliability," Human communication research, vol. 28, no. 4, pp. 587-604, 2002.

[70]

C. Dietrich, K. Krombholz, K. Borgolte, and T. Fiebig, "Investigating system operators' perspective on security misconfigurations," in CCS '18. ACM, 2018.

[71]

G. Guest, A. Bunce, and L. Johnson, "How many interviews are enough? an experiment with data saturation and variability," Field methods, vol. 18, no. 1, pp. 59-82, 2006.

[72]

Hackerone, "2019 bug bounty hacker report," Hackerone, Tech. Rep., March 2019. [Online]. Available: https://www.hackerone.com/sites/default/files/2019-03/the-2019-hacker-report_0.pdf

[73]

A. Zeller, Why programs fail: a guide to systematic debugging. Elsevier, 2009.

[74]

M. P. Robillard, W. Coelho, and G. C. Murphy, "How effective developers investigate source code: an exploratory study," IEEE Transactions on Software Engineering, vol. 30, no. 12, pp. 889-903, Dec 2004.

Digital Library

[75]

T. Roehm, R. Tiarks, R. Koschke, and W. Maalej, "How do professional developers comprehend software?" in ICSE '12. Piscataway, NJ, USA: IEEE Press, 2012, pp. 255-265. [Online]. Available: http://dl.acm.org/citation.cfm?id=2337223.2337254

[76]

Y. Shoshitaishvili, R. Wang, A. Dutcher, L. Dresel, E. Gustafson, N. Redini, P. Grosen, C. Unger, C. Salls, N. Stephens, C. Hauser, J. Grosen, C. Kruegel, and G. Vigna, "Lighthouse | code coverage explorer for ida pro & binary ninja," 2019, (Accessed 08-21-2019). [Online]. Available: http://angr.io

[77]

J. Henry, D. Monniaux, and M. Moy, "Pagai: A path sensitive static analyser," Electronic Notes in Theoretical Computer Science, vol. 289, pp. 15-25, Dec. 2012. [Online]. Available:.

Digital Library

[78]

Hex-Rays, "Ida: Lumina server," Hex-Rays, 2017, (Accessed 01-06- 2019). [Online]. Available: https://www.hex-rays.com/products/ida/lumina/index.shtml

[79]

Radare, "Radare," 2019, (Accessed 11-11-2019). [Online]. Available: https://rada.re/n/radare2.html

[80]

M. Gaasedelen, "Lighthouse | code coverage explorer for ida pro & binary ninja," 2018, (Accessed 08-21-2019). [Online]. Available: https://github.com/gaasedelen/lighthouse

[81]

Hex-Rays, "Hex-rays decompiler: Overview," Hex-Rays, 2019, (Accessed 11-11-2019). [Online]. Available: https://www.hex-rays.com/products/decompiler/

[82]

I. Haller, A. Slowinska, M. Neugschwandtner, and H. Bos, "Dowsing for overflows: A guided fuzzer to find buffer boundary violations," in USENIX Security '13. Washington, D.C.: USENIX, 2013, pp. 49-64.

[83]

T. Wang, T. Wei, G. Gu, and W. Zou, "Taintscope: A checksum-aware directed fuzzing tool for automatic software vulnerability detection," in S&P '10, May 2010, pp. 497-512. 1890 29th USENIX Security Symposium USENIX Association

[84]

W. Drewry and T. Ormandy, "Flayer: Exposing application internals," in WOOT '07, 2007.

[85]

M. Y. Wong and D. Lie, "Intellidroid: A targeted input generator for the dynamic analysis of android malware." in NDSS '16. Internet Society, 2016, pp. 21-24.

[86]

C. Zheng, S. Zhu, S. Dai, G. Gu, X. Gong, X. Han, and W. Zou, "Smartdroid: An automatic system for revealing ui-based trigger conditions in android applications," in SPSM '12. New York, NY, USA: ACM, 2012, pp. 93-104.

[87]

T. Szabó, S. Erdweg, and M. Voelter, "Inca: A dsl for the definition of incremental program analyses," in ASE '16. New York, NY, USA: ACM, 2016, pp. 320-331. [Online]. Available:.

Digital Library

[88]

Y. Smaragdakis, M. Bravenboer, and O. Lhoták, "Pick your contexts well: Understanding object-sensitivity," in Proceedings of the 38th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, ser. POPL '11. New York, NY, USA: ACM, 2011, pp. 17-30. [Online]. Available:

Digital Library

[89]

G. Kastrinis and Y. Smaragdakis, "Hybrid context-sensitivity for points-to analysis," SIGPLAN Notes, vol. 48, no. 6, pp. 423-434, Jun. 2013. [Online]. Available:.

Digital Library

[90]

T. Gilray, M. D. Adams, and M. Might, "Allocation characterizes polyvariance: A unified methodology for polyvariant control-flow analysis," SIGPLAN Notes, vol. 51, no. 9, pp. 407-420, Sep. 2016. [Online]. Available:.

Digital Library

[91]

L. Battle and J. Heer, "Characterizing exploratory visual analysis: A literature review and evaluation of analytic provenance in tableau," Computer Graphics Forum, 2019. [Online]. Available: http://idl.cs.washington.edu/papers/exploratory-visual-analysis.

[92]

B. Shneiderman, "The eyes have it: a task by data type taxonomy for information visualizations," in IEEE Symposium on Visual Languages, Sep. 1996, pp. 336-343.

Digital Library

[93]

J. Heer and B. Shneiderman, "Interactive dynamics for visual analysis," Communications of the ACM, vol. 55, no. 4, pp. 45-54, Apr. 2012. [Online]. Available:.

Digital Library

[94]

A. Perer and B. Shneiderman, "Systematic yet flexible discovery: Guiding domain experts through exploratory data analysis," in IUI '08. New York, NY, USA: ACM, 2008, pp. 109-118. [Online]. Available:.

Digital Library

[95]

A. Kalinin, U. Cetintemel, and S. Zdonik, "Interactive data exploration using semantic windows," in SIGMOD '14. New York, NY, USA: ACM, 2014, pp. 505-516. [Online]. Available:.

Digital Library

[96]

T. Siddiqui, A. Kim, J. Lee, K. Karahalios, and A. Parameswaran, "E_ortless data exploration with zenvisage: An expressive and interactive visual analytics system," VLDB Endowment, vol. 10, no. 4, pp. 457-468, Nov. 2016. [Online]. Available:.

Digital Library

[97]

J. S. Yi, Y. a. Kang, and J. Stasko, "Toward a deeper understanding of the role of interaction in information visualization," IEEE Transactions on Visualization and Computer Graphics, vol. 13, no. 6, pp. 1224-1231, Nov 2007.

Digital Library

[98]

J. Heer, J. Mackinlay, C. Stolte, and M. Agrawala, "Graphical histories for visualization: Supporting analysis, communication, and evaluation," IEEE Transactions on Visualization and Computer Graphics, vol. 14, no. 6, pp. 1189-1196, Nov 2008.

Digital Library

[99]

T. j. Jankun-Kelly, K. Ma, and M. Gertz, "A model and framework for visualization exploration," IEEE Transactions on Visualization and Computer Graphics, vol. 13, no. 2, pp. 357-369, March 2007.

Digital Library

[100]

W. A. Pike, J. Stasko, R. Chang, and T. A. O'Connell, "The science of interaction," Information Visualization, vol. 8, no. 4, pp. 263-274, 2009.

Digital Library

[101]

L. Battle, R. Chang, and M. Stonebraker, "Dynamic prefetching of data tiles for interactive visualization," in SIGMOD '16. New York, NY, USA: ACM, 2016, pp. 1363-1375. [Online]. Available:

Digital Library

[102]

D. Gotz and Z.Wen, "Behavior-driven visualization recommendation," in IUI '09. New York, NY, USA: ACM, 2009, pp. 315-324. [Online].

Digital Library

[103]

K. Dimitriadou, O. Papaemmanouil, and Y. Diao, "Explore-byexample: An automatic query steering framework for interactive data exploration," in SIGMOD '14. New York, NY, USA: ACM, 2014, pp. 517-528. [Online]. Available:.

Digital Library

[104]

M. Vartak, S. Rahman, S. Madden, A. Parameswaran, and N. Polyzotis, "Seedb: E_cient data-driven visualization recommendations to support visual analytics," VLDB Endowment, vol. 8, no. 13, pp. 2182-2193, Sep. 2015. [Online]. Available:.

Digital Library

Cited By

Wiesen CBecker SWalendy RPaar CRummel N(2023)The Anatomy of Hardware Reverse Engineering: An Exploration of Human Factors During Problem SolvingACM Transactions on Computer-Human Interaction10.1145/357719830:4(1-44)Online publication date: 12-Sep-2023
https://dl.acm.org/doi/10.1145/3577198
Huaman NKrause AWermke DKlemmer JStransky CAcar YFahl SChiasson SKapadia A(2022)If you can't get them to the labProceedings of the Eighteenth USENIX Conference on Usable Privacy and Security10.5555/3563609.3563626(313-330)Online publication date: 8-Aug-2022
https://dl.acm.org/doi/10.5555/3563609.3563626

Index Terms

An observational investigation of reverse engineers' processes

Index terms have been assigned to the content through auto-classification.

Recommendations

An Observational Investigation of Reverse Engineers' Process and Mental Models
CHI EA '19: Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems

Reverse engineering is a complex task essential to several software security jobs like vulnerability discovery and malware analysis. While traditional program comprehension tasks (e.g., program maintenance or debugging) have been thoroughly studied, ...
COMSOL for Engineers
Understanding how reverse engineers make sense of programs from assembly language representations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

SEC'20: Proceedings of the 29th USENIX Conference on Security Symposium

August 2020

2809 pages

ISBN:978-1-939133-17-5

Program Chairss:
Srdjan Capkun
ETH Zurich
,
Franziska Roesner
University of Washington

Copyright © 2020.

Sponsors

Facebook
Microsoft
IBM
ByteDance
Google Inc.

Publisher

USENIX Association

United States

Publication History

Published: 12 August 2020

Qualifiers

Research-article

Acceptance Rates

Overall Acceptance Rate 40 of 100 submissions, 40%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
68
Total Downloads

Downloads (Last 12 months)42
Downloads (Last 6 weeks)13

Reflects downloads up to 23 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wiesen CBecker SWalendy RPaar CRummel N(2023)The Anatomy of Hardware Reverse Engineering: An Exploration of Human Factors During Problem SolvingACM Transactions on Computer-Human Interaction10.1145/357719830:4(1-44)Online publication date: 12-Sep-2023
https://dl.acm.org/doi/10.1145/3577198
Huaman NKrause AWermke DKlemmer JStransky CAcar YFahl SChiasson SKapadia A(2022)If you can't get them to the labProceedings of the Eighteenth USENIX Conference on Usable Privacy and Security10.5555/3563609.3563626(313-330)Online publication date: 8-Aug-2022
https://dl.acm.org/doi/10.5555/3563609.3563626

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents