Understanding how reverse engineers make sense of programs from assembly language representations
by Bryant, Adam R., Ph.D., AIR FORCE INSTITUTE OF TECHNOLOGY, 2012, 266 pages; 3498579

Abstract:

This dissertation presents a theory of how reverse engineers make sense of executable programs. The theory describes the process of sensemaking in reverse engineering as a goal-directed planning-based search activity, in which the reverse engineer interacts with an executable program using reverse engineering tools in order to construct a mental model and working understanding of the functionality of the program. This theory is developed through a case study, semi-structured interviews with expert reverse engineers, and observations of reverse engineers performing a reverse engineering task. The theory of sensemaking in reverse engineering is a step toward building autonomy into analysis tools so they will be able to discovery vulnerabilities in complex software-based systems and analyze executable programs to determine whether those programs contain undocumented malicious functionality and should not be trusted.

 
AdviserRobert F. Mills
SchoolAIR FORCE INSTITUTE OF TECHNOLOGY
SourceDAI/B 73-07(E), p. , Mar 2012
Source TypeDissertation
SubjectsComputer engineering; Computer science
Publication Number3498579
Adobe PDF Access the complete dissertation:
 

» Find an electronic copy at your library.
  Use the link below to access a full citation record of this graduate work:
  http://gateway.proquest.com/openurl%3furl_ver=Z39.88-2004%26res_dat=xri:pqdiss%26rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation%26rft_dat=xri:pqdiss:3498579
  If your library subscribes to the ProQuest Dissertations & Theses (PQDT) database, you may be entitled to a free electronic version of this graduate work. If not, you will have the option to purchase one, and access a 24 page preview for free (if available).

About ProQuest Dissertations & Theses
With over 2.3 million records, the ProQuest Dissertations & Theses (PQDT) database is the most comprehensive collection of dissertations and theses in the world. It is the database of record for graduate research.

The database includes citations of graduate works ranging from the first U.S. dissertation, accepted in 1861, to those accepted as recently as last semester. Of the 2.3 million graduate works included in the database, ProQuest offers more than 1.9 million in full text formats. Of those, over 860,000 are available in PDF format. More than 60,000 dissertations and theses are added to the database each year.

If you have questions, please feel free to visit the ProQuest Web site - http://www.proquest.com - or call ProQuest Hotline Customer Support at 1-800-521-3042.