Code: NIE-REV Reverse Engineering
Lecturer: Ing. Josef Kokeš Ph.D. Weekly load: 1P+2C Completion: A, EX
Department: 18106 Credits: 5 Semester: W
Description:
Students will learn fundamentals of reverse engineering of computer software (methods of executing and initializing programs, organization of executable files, work with third-party libraries). Special attention will be paid to C ++. Students will also become familiar with the principles of debugging tools, disassemblers and obfuscation methods. Finally, the course will focus on code compression and decompression and executable file reconstruction.
Contents:
1. Introduction to reverse engineering
2. Analysis of a program's flow
3. Analysis of C++ classes
4. Disassembling and obfuscation
5. Compiler recognition
6. Debugging and anti-debugging
7. Malware
Seminar contents:
1. Introduction to debuggers and assembler
2. Basic function analysis, stack frame
3. Reverse engineering tools
4. PE file structure, Import Address Table
5. Type information analysis
6. Analysis of obfuscated programs
7. Advanced obfuscation techniques
8. Reconstruction of packed files
9. Antidebugging
10. Code injection
11. Reverse analysis of high level languages
Recommended literature:
[1] Eilam, E.: Reversing: Secrets of Reverse Engineering. Wiley. 2005. 987-0-7645-7481-8.
[2] Eagle, C.: The IDA Pro Book: The unofficial Guide to the World's Most Popular Disassembler. No Starch Press. 2011. 987-1-59327-289-0.
[3] Seacord, R. C.: Secure Coding in C and C++. Software Engineering Institute, Carnegie Mellon University. 2013. 987-0-321-82213-0.
[4] Russinovich M. - Solomon D. A. - Ionescu A.: Windows Internals Part 1. Microsoft Press. 2012. 987-0-7356-4873-9.
[5] Russinovich M. - Solomon D. A. - Ionescu A.: Windows Internals Part 2. Microsoft Press. 2012. 987-0-7356-6587-3.
Keywords:
Reverse engineering, executable file analysis, malware, security, assembler, machine code.

Abbreviations used:

Semester:

Mode of completion of the course:

Weekly load (hours per week):