

                       CSCI 4990/6990: Reverse Engineering
                                   Spring 2009
                            Prof. Golden G. Richard III
                         11-12:15pm on Tuesday/Thursday
   Reverse engineering involves deep analysis of the code, structure, and functionality of software
   using both static and dynamic methods. This course will provide students with a solid foundation
   in reverse engineering, which is crucial to understanding modern malicious software and in
   crafting potential solutions to recover from and prevent attacks. Reverse engineering is also useful
   for creating interoperable software, for verifying that software patches function as promised, and
   for the simple joy of understanding at a deep level how software works.

   A number of state-of-the-art analysis tools will be available in our laboratory environment for students
   taking this class, including IDA Pro, OllyDbg, and HBGary’s Responder Professional.

   Prerequisites: CSCI 4401, experience with C and Intel assembler
   Topics include:

   •     Overview of current and next-generation malicious software
             o Viruses, worms, trojans
             o Botnets
             o Polymorphic and metamorphic malware
   •     Low-level software
             o Overview of Intel assembly language
             o Virtual machines for interpreted high-level languages
             o Representation of compiled high-level language structures in assembler
   •     Win32 / Linux / Mac OS X operating systems internals
   •     Static and dynamic analysis of software
             o IDA Pro
             o OllyDbg
             o Filesystem and registry tracing
   •     Advanced reverse engineering techniques
             o Encrypted/packed executables
             o Anti-debugging techniques
             o Code obfuscation
   •     Defensive Strategies Against Malware
             o Worm Fingerprinting / Signature Generation
             o Hardware Agents for System Integrity Checking
             o Behavioral Approaches to Detection of Malware

       Textbooks for this course are The IDA Pro Book and Reversing: Secrets of Reverse Engineering.

Grading is based on participation, significant reverse engineering projects, a midterm exam, and a final exam.
