Software Reverse Engineering (SRE301)

Description

• Reverse Engineering is an important subject in the field of information security.
• Reverse has big significance in many fields such as finding software vulnerabilities, network vulnerabilities and protocols, analyze malware.
• Through this course, students can grasp the knowledge as follows: depth knowledge of the x86 processor platforms, x64 and ARM, analysis and understanding kernel of the Windows operating system, debugging tools, obfuscation of software protection and related exercises.

Course Implementation Plan

• Chapter 1: x86 and x64
• Chapter 2: ARM
• Chapter 3: The Windows Kernel
• Chapter 4: Debugging and Automation
• Chapter 5: Obfuscation

Exercise

• Realworld malicious software analysis
• Rootkit x86 and Rootkit x64
• Spyware
• Trojan Hourses

Assessment

• On-going assessment: 30%
• Exercise: 30%
• Mid-term test: 10% - Final test: 30%
• Final result: 100%
• Completion Criteria: Final exam score >=5 & Exercise >= 5 & Mid-term >=5 & Final result >=5

Book

• Bruce Dang, Alexandre Gazet, Elias Bachaalany, Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation, Wiley (ISBN: 9781118787311), 2014.
• Michael Sikorski, Andrew Honig, Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software, 1st Edition, No Starch Press, 2012.
• Daniel Kusswurm, Modern X86 Assembly Language Programming: 32-bit, 64-bit, SSE, and AVX, 1st ed. Edition, Apress, 2014.