A Task Analysis of Static Binary Reverse Engineering for Security

dc.contributor.author Nyre-Yu, Megan
dc.contributor.author Butler, Karin
dc.contributor.author Bolstad, Cheryl
dc.date.accessioned 2021-12-24T17:37:35Z
dc.date.available 2021-12-24T17:37:35Z
dc.date.issued 2022-01-04
dc.description.abstract Software is ubiquitous in society, but understanding it, especially without access to source code, is both non-trivial and critical to security. A specialized group of cyber defenders conducts reverse engineering (RE) to analyze software. The expertise-driven process of software RE is not well understood, especially from the perspective of workflows and automated tools. We conducted a task analysis to explore the cognitive processes that analysts follow when using static techniques on binary code. Experienced analysts were asked to statically find a vulnerability in a small binary that could allow for unverified access to root privileges. Results show a highly iterative process with commonly used cognitive states across participants of varying expertise, but little standardization in process order and structure. A goal-centered analysis offers a different perspective about dominant RE states. We discuss implications about the nature of RE expertise and opportunities for new automation to assist analysts using static techniques.
dc.format.extent 10 pages
dc.identifier.doi 10.24251/HICSS.2022.275
dc.identifier.isbn 978-0-9981331-5-7
dc.identifier.uri http://hdl.handle.net/10125/79608
dc.language.iso eng
dc.relation.ispartof Proceedings of the 55th Hawaii International Conference on System Sciences
dc.rights Attribution-NonCommercial-NoDerivatives 4.0 International
dc.rights.uri https://creativecommons.org/licenses/by-nc-nd/4.0/
dc.subject Cyber Deception and Cyberpsychology for Defense
dc.subject cybersecurity
dc.subject reverse engineering
dc.subject cognitive process
dc.subject automation
dc.title A Task Analysis of Static Binary Reverse Engineering for Security
dc.type.dcmi text
Files
Original bundle
Name: 0218.pdf
Size: 1.11 MB
Format: Adobe Portable Document Format