An observational investigation of reverse engineers' processes and mental models

Daniel Votipka, Seth Rabin, Kristopher Micinski, Jeffrey S. Foster, Michelle L. Mazurek

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Reverse engineering is a complex task essential to several software security jobs like vulnerability discovery and malware analysis [14]. While traditional program comprehension tasks (e.g., program maintenance or debugging) have been thoroughly studied [2, 9, 10], reverse engineering diverges from these tasks as reverse engineers do not have access to developers, source code, comments, or internal documentation. Further, reverse engineers often have to overcome countermeasures employed by the developer to make the task harder (e.g., symbol stripping, packing, obfuscation).

Original language: English (US)
Title of host publication: CHI EA 2019 - Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems
Publisher: Association for Computing Machinery
ISBN (Electronic): 9781450359719
DOI: https://doi.org/10.1145/3290607.3313040
State: Published - May 2 2019
Externally published: Yes
Event: 2019 CHI Conference on Human Factors in Computing Systems, CHI EA 2019 - Glasgow, United Kingdom
Duration: May 4 2019 – May 9 2019

Publication series

Name: Conference on Human Factors in Computing Systems - Proceedings

Conference

Conference: 2019 CHI Conference on Human Factors in Computing Systems, CHI EA 2019
Country: United Kingdom
City: Glasgow
Period: 5/4/19 – 5/9/19

Fingerprint

Reverse engineering
Engineers
Malware

Keywords

  • Program Comprehension
  • Reverse Engineering

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Graphics and Computer-Aided Design

Cite this

Votipka, D., Rabin, S., Micinski, K., Foster, J. S., & Mazurek, M. L. (2019). An observational investigation of reverse engineers' processes and mental models. In CHI EA 2019 - Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems [3313040] (Conference on Human Factors in Computing Systems - Proceedings). Association for Computing Machinery. https://doi.org/10.1145/3290607.3313040

@inproceedings{899830453c664db8a6586a054343d5db,
title = "An observational investigation of reverse engineers' processes and mental models",
abstract = "Reverse engineering is a complex task essential to several software security jobs like vulnerability discovery and malware analysis [14]. While traditional program comprehension tasks (e.g., program maintenance or debugging) have been thoroughly studied [2, 9, 10], reverse engineering diverges from these tasks as reverse engineers do not have access to developers, source code, comments, or internal documentation. Further, reverse engineers often have to overcome countermeasures employed by the developer to make the task harder (e.g., symbol stripping, packing, obfuscation).",
keywords = "Program Comprehension, Reverse Engineering",
author = "Daniel Votipka and Seth Rabin and Kristopher Micinski and Foster, {Jeffrey S.} and Mazurek, {Michelle L.}",
year = "2019",
month = "5",
day = "2",
doi = "10.1145/3290607.3313040",
language = "English (US)",
series = "Conference on Human Factors in Computing Systems - Proceedings",
publisher = "Association for Computing Machinery",
booktitle = "CHI EA 2019 - Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems",
}

TY - GEN

T1 - An observational investigation of reverse engineers' processes and mental models

AU - Votipka, Daniel

AU - Rabin, Seth

AU - Micinski, Kristopher

AU - Foster, Jeffrey S.

AU - Mazurek, Michelle L.

PY - 2019/5/2

Y1 - 2019/5/2

N2 - Reverse engineering is a complex task essential to several software security jobs like vulnerability discovery and malware analysis [14]. While traditional program comprehension tasks (e.g., program maintenance or debugging) have been thoroughly studied [2, 9, 10], reverse engineering diverges from these tasks as reverse engineers do not have access to developers, source code, comments, or internal documentation. Further, reverse engineers often have to overcome countermeasures employed by the developer to make the task harder (e.g., symbol stripping, packing, obfuscation).

AB - Reverse engineering is a complex task essential to several software security jobs like vulnerability discovery and malware analysis [14]. While traditional program comprehension tasks (e.g., program maintenance or debugging) have been thoroughly studied [2, 9, 10], reverse engineering diverges from these tasks as reverse engineers do not have access to developers, source code, comments, or internal documentation. Further, reverse engineers often have to overcome countermeasures employed by the developer to make the task harder (e.g., symbol stripping, packing, obfuscation).

KW - Program Comprehension

KW - Reverse Engineering

UR - http://www.scopus.com/inward/record.url?scp=85067274289&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85067274289&partnerID=8YFLogxK

U2 - 10.1145/3290607.3313040

DO - 10.1145/3290607.3313040

M3 - Conference contribution

AN - SCOPUS:85067274289

T3 - Conference on Human Factors in Computing Systems - Proceedings

BT - CHI EA 2019 - Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems

PB - Association for Computing Machinery

ER -