CZECH TECHNICAL UNIVERSITY IN PRAGUE
STUDY PLANS
2018/2019

Reverse Engineering

Code Completion Credits Range Language of instruction
MIE-REV.16 Z,ZK 5 1P+2C
Lecturer:
Josef Kokeš
Tutor:
Josef Kokeš
The course is provided by:
Department of Information Security
Synopsis:

Students get acquainted with the essentials of reverse engineering of computer software. They will learn how processes start and what happens before and after the main function is called. Students will understand how executable files are organized and how they interact with third-party libraries. Another part of the course is dedicated to reverse engineering of C++. Students will also understand the principles of disassemblers and obfuscation techniques. A part of the course will also be dedicated to debuggers: how debuggers and debugging work and which methods can be used to detect it. At the end of the course, compression, decompression, and reconstruction of compressed code will be discussed. One of the lectures will be dedicated to the latest trends on the computer malware scene. The focus of the course is on the seminars, where students will solve practically oriented tasks from the real world.

Requirements:

Knowledge of C and C++. Basic knowledge of programming in assembler/machine code.

Syllabus of lectures:

1. Introduction to reverse engineering

2. Analysis of a program's flow

3. Analysis of C++ classes

4. Disassembling and obfuscation

5. Compiler recognition

6. Debugging and anti-debugging

7. Malware

Syllabus of tutorials:

1. Introduction to reverse engineering

2. Introduction to Intel assembler

3. Debugging, basic function analysis, stack frame

4. PE file structure, Import Address Table

5. Program analysis, available tools

6. Analysis of obfuscated programs

7. Consultation

8. Type information analysis

9. Obfuscation techniques

10. Reconstruction of packed files

11. Advanced code protection

12. Code injection

13. Reverse analysis of high level languages

Study objectives:

Students get acquainted with the essentials of reverse engineering of computer software. They will learn how processes start and what happens before and after the main function is called. Students will understand how executable files are organized and how they interact with third-party libraries. Another part of the course is dedicated to reverse engineering of C++. Students will also understand the principles of disassemblers and obfuscation techniques. A part of the course will also be dedicated to debuggers: how debuggers and debugging work and which methods can be used to detect it. At the end of the course, compression, decompression, and reconstruction of compressed code will be discussed. One of the lectures will be dedicated to the latest trends on the computer malware scene. The focus of the course is on the seminars, where students will solve practically oriented tasks from the real world.

Study materials:

1. Eilam, E.: Reversing: Secrets of Reverse Engineering. Wiley. 2005. 987-0-7645-7481-8.

2. Eagle, C.: The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler. No Starch Press. 2011. 987-1-59327-289-0.

3. Seacord, R. C.: Secure Coding in C and C++. Software Engineering Institute, Carnegie Mellon University. 2013. 987-0-321-82213-0.

4. Russinovich M. - Solomon D. A. - Ionescu A.: Windows Internals Part 1. Microsoft Press. 2012. 987-0-7356-4873-9.

5. Russinovich M. - Solomon D. A. - Ionescu A.: Windows Internals Part 2. Microsoft Press. 2012. 987-0-7356-6587-3.

Note:

Information about the course and teaching materials can be found at https://moodle.fit.cvut.cz/courses/MIE-REV.16/

Range: 1p+2c

Further information:
https://moodle.fit.cvut.cz/courses/MIE-REV.16/
Timetable for winter semester 2018/2019:
Mon
Tue
Wed
Thu
room T9:351, Kokeš J., 11:00–12:30, even week (lecture parallel 1), Dejvice, NBFIT PC classroom
room T9:345, Kokeš J., 18:00–19:30 (lecture parallel 1, parallel 101), Dejvice, NBFIT BOU classroom
Timetable for summer semester 2018/2019:
The timetable is not ready yet
The course is a part of the following study plans:
Data valid as of 16. 6. 2019
Updates to the above information can be found at http://bilakniha.cvut.cz/cs/predmet4703606.html