Understanding How Reverse Engineers Make Sense of Programs from Assembly Language Representations

Abstract

This dissertation develops a theory of the conceptual and procedural aspects involved in how reverse engineers make sense of executable programs. Software reverse engineering is a complex set of tasks that require a person to understand the structure and functionality of a program from its assembly language representation, typically without having access to the program's source code. This dissertation describes the reverse engineering process as a type of "sensemaking," in which a person combines reasoning and information foraging behaviors to develop a mental model of the program. The structure of knowledge elements used in making sense of executable programs is elicited from a case study, interviews with subject matter experts, and observational studies with software reverse engineers. The results from this research can be used to improve reverse engineering tools, to develop training requirements for reverse engineers, and to develop robust computational models of human comprehension in complex tasks where sensemaking is required.

Document Details

Document Type: Technical Report
Publication Date: Mar 01, 2012
Accession Number: ADA557042

Entities

People

  • Adam R. Bryant

Organizations

  • Air Force Institute of Technology

Tags

Communities of Interest

  • Autonomy
  • Cyber
  • Electronic Warfare
  • Engineered Resilient Systems
  • Human Systems

DTIC Thesaurus Topics

  • Air Force
  • Cognition
  • Computational Science
  • Computer Program Documentation
  • Computer Program Reliability
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Department Of Defense
  • Human Behavior
  • Information Processing
  • Information Systems
  • Instruction Set Architecture
  • Lisp Programming Language
  • Operating Systems
  • Psychology

Fields of Study

  • Computer science
  • Engineering

Readers

  • Artificial Intelligence
  • Software Engineering