Reverse Code Engineering - State of the Art and Countermeasures

Willems C, Freiling F (2012)


Publication Type: Journal article, Original article

Publication year: 2012

Journal

Book Volume: 54

Pages Range: 53-64

Journal Issue: 2

DOI: 10.1524/itit.2012.0664

Abstract

Reverse Code Engineering (RCE) is, loosely speaking, the process of analyzing a piece of code in order to understand it. RCE is often used to analyze proprietary, binary programs, and in the last few years this research area has evolved a lot. In this article, we survey and structure the area of reverse code engineering. We focus on different techniques to recover both the control and data flow of a given binary program, for which no source code is available. Furthermore, we also discuss analysis techniques for malicious software (short: malware), which is commonly protected to resist analysis. We present the current state of the art of such protection techniques, while dividing them into active and passive measures. Our survey focusses on reverse engineering of binary native code for the Intel/AMD x86 architecture, and we thus disregard analysis of byte-code like Java or .NET. Nevertheless, most of the techniques presented in this article can be transferred to other architectures and operating system as well.

Authors with CRIS profile

How to cite

APA:

Willems, C., & Freiling, F. (2012). Reverse Code Engineering - State of the Art and Countermeasures. it - Information Technology, 54(2), 53-64. https://doi.org/10.1524/itit.2012.0664

MLA:

Willems, Carsten, and Felix Freiling. "Reverse Code Engineering - State of the Art and Countermeasures." it - Information Technology 54.2 (2012): 53-64.

BibTeX: Download