CZECH TECHNICAL UNIVERSITY IN PRAGUE
STUDY PLANS
2023/2024
NOTICE: Study plans for the next academic year are available.

Reverse Engineering

Code: NIE-REV
Completion: Z,ZK
Credits: 5
Range: 1P+2C
Language: English
Course guarantor:
Róbert Lórencz
Lecturer:
Jiří Dostál, Josef Kokeš
Tutor:
Jiří Dostál, Josef Kokeš
Supervisor:
Department of Information Security
Synopsis:

Students will learn the fundamentals of reverse engineering of computer software (methods of executing and initializing programs, organization of executable files, work with third-party libraries). Special attention will be paid to C++. Students will also become familiar with the principles of debugging tools, disassemblers and obfuscation methods. Finally, the course will focus on code compression and decompression and executable file reconstruction.

Requirements:

Very good knowledge of C, C++. Basic knowledge of programming in assembler/machine code.

Syllabus of lectures:

1. Introduction to reverse engineering

2. Analysis of a program's flow

3. Analysis of C++ classes

4. Disassembling and obfuscation

5. Compiler recognition

6. Debugging and anti-debugging

7. Malware

Syllabus of tutorials:

1. Introduction to debuggers and assembler

2. Basic function analysis, stack frame

3. Reverse engineering tools

4. PE file structure, Import Address Table

5. Type information analysis

6. Analysis of obfuscated programs

7. Advanced obfuscation techniques

8. Reconstruction of packed files

9. Antidebugging

10. Code injection

11. Reverse analysis of high level languages

Study Objective:

After completing the course, the student will be able to independently perform reverse analyses of binary executable files on the MS Windows platform, including analyzing obfuscated files (i.e. malware).

Study materials:

[1] Eilam, E.: Reversing: Secrets of Reverse Engineering. Wiley. 2005. 987-0-7645-7481-8.

[2] Eagle, C.: The IDA Pro Book: The unofficial Guide to the World's Most Popular Disassembler. No Starch Press. 2011. 987-1-59327-289-0.

[3] Seacord, R. C.: Secure Coding in C and C++. Software Engineering Institute, Carnegie Mellon University. 2013. 987-0-321-82213-0.

[4] Russinovich M. - Solomon D. A. - Ionescu A.: Windows Internals Part 1. Microsoft Press. 2012. 987-0-7356-4873-9.

[5] Russinovich M. - Solomon D. A. - Ionescu A.: Windows Internals Part 2. Microsoft Press. 2012. 987-0-7356-6587-3.

Note:
Time-table for winter semester 2023/2024:
Mon: 16:15–17:45, odd week, lecture parallel1, room T9:345, Kokeš J., Dejvice, NBFIT BOU ucebna
Tue: 16:15–17:45, lecture parallel1, parallel nr.101, room T9:345, Kokeš J., Dejvice, NBFIT BOU ucebna
Wed, Thu, Fri: no entries
Time-table for summer semester 2023/2024:
Time-table is not available yet
The course is a part of the following study plans:
Data valid to 2024-03-27
Updates to the above information can be found at https://bilakniha.cvut.cz/en/predmet6626206.html