A Task Analysis of Static Binary Reverse Engineering for Security
dc.contributor.author | Nyre-Yu, Megan | |
dc.contributor.author | Butler, Karin | |
dc.contributor.author | Bolstad, Cheryl | |
dc.date.accessioned | 2021-12-24T17:37:35Z | |
dc.date.available | 2021-12-24T17:37:35Z | |
dc.date.issued | 2022-01-04 | |
dc.description.abstract | Software is ubiquitous in society, but understanding it, especially without access to source code, is both non-trivial and critical to security. A specialized group of cyber defenders conducts reverse engineering (RE) to analyze software. The expertise-driven process of software RE is not well understood, especially from the perspective of workflows and automated tools. We conducted a task analysis to explore the cognitive processes that analysts follow when using static techniques on binary code. Experienced analysts were asked to statically find a vulnerability in a small binary that could allow for unverified access to root privileges. Results show a highly iterative process with commonly used cognitive states across participants of varying expertise, but little standardization in process order and structure. A goal-centered analysis offers a different perspective about dominant RE states. We discuss implications about the nature of RE expertise and opportunities for new automation to assist analysts using static techniques. | |
dc.format.extent | 10 pages | |
dc.identifier.doi | 10.24251/HICSS.2022.275 | |
dc.identifier.isbn | 978-0-9981331-5-7 | |
dc.identifier.uri | http://hdl.handle.net/10125/79608 | |
dc.language.iso | eng | |
dc.relation.ispartof | Proceedings of the 55th Hawaii International Conference on System Sciences | |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
dc.subject | Cyber Deception and Cyberpsychology for Defense | |
dc.subject | cybersecurity | |
dc.subject | reverse engineering | |
dc.subject | cognitive process | |
dc.subject | automation | |
dc.title | A Task Analysis of Static Binary Reverse Engineering for Security | |
dc.type.dcmi | text |