Skip to main content

Reverse EngineeringLaajuus (5 cr)

Code: TTC6510

Credits

5 op

Teaching language

  • Finnish
  • English

Responsible person

  • Joonatan Ovaska

Objective

The student is aware of the methods to analyze and reverse engineer applications. After successfully passing this course, the student is able to perform simple reverse engineering tasks on X86 Windows and Linux binaries. The student understands the differences between static and dynamic analysis. The student is able to perform basic dynamic analysis tasks. The student understands the structure of PE binary files and how they can be analyzed using existing, widely available tools. The student learns how to document his/her findings in a report format that is understandable to a person with similar skills in reverse engineering

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 
EUR-ACE: Multidisciplinary competences

Content

The course covers methodologies to analyze and reverse engineer binary files and applications using static and dynamic analysis. The course includes labs where the covered topics are put into practice.

Qualifications

Basics in Programming, Operating systems, Data structures and algorithms

Assessment criteria, satisfactory (1)

Sufficient (1): The student is familiar with the basic topics discussed during the course. The student is able to perform the most basic analysis on the simplest of X86 binaries using only some of the tools covered in the course with assistance.

Satisfactory (2): The student understands the most basic topics discussed during the course, however, he/she struggles to utilize this knowledge. The student is not able to search for relevant information independently. The student is able to analyze simple X86 binaries using the tools and techniques covered in the course with assistance.

Assessment criteria, good (3)

Good (3): The student understands the most important topics discussed during the course and is able to utilize this knowledge in the most basic cases. The student is able to utilize information about the discussed topics. The student is able to analyze basic X86 binaries using the tools and techniques covered in the course.

Very good (4): The student understands the most important topics discussed during the course and is able to utilize this knowledge in most common cases. The student is able to search and understand information about discussed topics. The student is able to analyze basic X86 binaries independently using tools covered in the course.

Assessment criteria, excellent (5)

Excellent (5): The student understands all topics discussed during the course and is able to use them in an innovative manner even in challenging situations. The student is able to search and utilize information about discussed topics independently. The student is able to analyze basic X86 binaries independently using tools covered in the course and utilize widely available tools not covered in the course.

Enrollment

18.11.2024 - 09.01.2025

Timing

13.01.2025 - 30.04.2025

Number of ECTS credits allocated

5 op

Virtual portion

5 op

Mode of delivery

Online learning

Unit

School of Technology

Campus

Lutakko Campus

Teaching languages
  • English
Seats

0 - 35

Degree programmes
  • Bachelor's Degree Programme in Information and Communications Technology
  • Bachelor's Degree Programme in Information and Communications Technology
Teachers
  • Joonatan Ovaska
Groups
  • TTV22S5
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S2
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S3
    Tieto- ja viestintätekniikka (AMK)
  • TIC22S1
    Bachelor's Degree Programme in Information and Communications Technology
  • TTV22S1
    Tieto- ja viestintätekniikka (AMK)
  • TTV22SM
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S4
    Tieto- ja viestintätekniikka (AMK)
  • TTV22SM2
    Tieto- ja viestintätekniikka (AMK)

Objectives

The student is aware of the methods to analyze and reverse engineer applications. After successfully passing this course, the student is able to perform simple reverse engineering tasks on X86 Windows and Linux binaries. The student understands the differences between static and dynamic analysis. The student is able to perform basic dynamic analysis tasks. The student understands the structure of PE binary files and how they can be analyzed using existing, widely available tools. The student learns how to document his/her findings in a report format that is understandable to a person with similar skills in reverse engineering

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 
EUR-ACE: Multidisciplinary competences

Content

The course covers methodologies to analyze and reverse engineer binary files and applications using static and dynamic analysis. The course includes labs where the covered topics are put into practice.

Learning materials and recommended literature

Materials in the e-learning environment and the book: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- exercises
- learning tasks
- book

Exam dates and retake possibilities

No exam, assessment is based on assignments.

Alternative completion methods

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 10 h
- reading assignments 10 h
- independent study 45 h
- assignment solving 60 h
- assignment reporting 10h
Total 135 h

Content scheduling

We start by going through whole course theory, after all theory parts, we'll continue with hands-on assignments for the rest of the course.

Further information for students

Points from the quizzes and from the lab reports. No exam

Evaluation scale

0-5

Evaluation criteria, satisfactory (1-2)

Sufficient (1): The student is familiar with the basic topics discussed during the course. The student is able to perform the most basic analysis on the simplest of X86 binaries using only some of the tools covered in the course with assistance.

Satisfactory (2): The student understands the most basic topics discussed during the course, however, he/she struggles to utilize this knowledge. The student is not able to search for relevant information independently. The student is able to analyze simple X86 binaries using the tools and techniques covered in the course with assistance.

Evaluation criteria, good (3-4)

Good (3): The student understands the most important topics discussed during the course and is able to utilize this knowledge in the most basic cases. The student is able to utilize information about the discussed topics. The student is able to analyze basic X86 binaries using the tools and techniques covered in the course.

Very good (4): The student understands the most important topics discussed during the course and is able to utilize this knowledge in most common cases. The student is able to search and understand information about discussed topics. The student is able to analyze basic X86 binaries independently using tools covered in the course.

Evaluation criteria, excellent (5)

Excellent (5): The student understands all topics discussed during the course and is able to use them in an innovative manner even in challenging situations. The student is able to search and utilize information about discussed topics independently. The student is able to analyze basic X86 binaries independently using tools covered in the course and utilize widely available tools not covered in the course.

Prerequisites

Basics in Programming, Operating systems, Data structures and algorithms

Enrollment

01.08.2024 - 22.08.2024

Timing

26.08.2024 - 18.12.2024

Number of ECTS credits allocated

5 op

Mode of delivery

Face-to-face

Unit

School of Technology

Campus

Lutakko Campus

Teaching languages
  • English
Seats

0 - 35

Degree programmes
  • Bachelor's Degree Programme in Information and Communications Technology
  • Bachelor's Degree Programme in Information and Communications Technology
Teachers
  • Joonatan Ovaska
Groups
  • TTV22S5
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S2
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S3
    Tieto- ja viestintätekniikka (AMK)
  • TIC22S1
    Bachelor's Degree Programme in Information and Communications Technology
  • TTV22S1
    Tieto- ja viestintätekniikka (AMK)
  • TTV22S4
    Tieto- ja viestintätekniikka (AMK)

Objectives

The student is aware of the methods to analyze and reverse engineer applications. After successfully passing this course, the student is able to perform simple reverse engineering tasks on X86 Windows and Linux binaries. The student understands the differences between static and dynamic analysis. The student is able to perform basic dynamic analysis tasks. The student understands the structure of PE binary files and how they can be analyzed using existing, widely available tools. The student learns how to document his/her findings in a report format that is understandable to a person with similar skills in reverse engineering

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 
EUR-ACE: Multidisciplinary competences

Content

The course covers methodologies to analyze and reverse engineer binary files and applications using static and dynamic analysis. The course includes labs where the covered topics are put into practice.

Learning materials and recommended literature

Materials in the e-learning environment and the book: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- exercises
- learning tasks
- book

Exam dates and retake possibilities

No exam, assessment is based on assignments.

Alternative completion methods

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 10 h
- reading assignments 10 h
- independent study 45 h
- assignment solving 60 h
- assignment reporting 10h
Total 135 h

Content scheduling

We start by going through whole course theory, after all theory parts, we'll continue with hands-on assignments for the rest of the course.

Further information for students

Points from the quizzes and from the lab reports. No exam

Evaluation scale

0-5

Evaluation criteria, satisfactory (1-2)

Sufficient (1): The student is familiar with the basic topics discussed during the course. The student is able to perform the most basic analysis on the simplest of X86 binaries using only some of the tools covered in the course with assistance.

Satisfactory (2): The student understands the most basic topics discussed during the course, however, he/she struggles to utilize this knowledge. The student is not able to search for relevant information independently. The student is able to analyze simple X86 binaries using the tools and techniques covered in the course with assistance.

Evaluation criteria, good (3-4)

Good (3): The student understands the most important topics discussed during the course and is able to utilize this knowledge in the most basic cases. The student is able to utilize information about the discussed topics. The student is able to analyze basic X86 binaries using the tools and techniques covered in the course.

Very good (4): The student understands the most important topics discussed during the course and is able to utilize this knowledge in most common cases. The student is able to search and understand information about discussed topics. The student is able to analyze basic X86 binaries independently using tools covered in the course.

Evaluation criteria, excellent (5)

Excellent (5): The student understands all topics discussed during the course and is able to use them in an innovative manner even in challenging situations. The student is able to search and utilize information about discussed topics independently. The student is able to analyze basic X86 binaries independently using tools covered in the course and utilize widely available tools not covered in the course.

Prerequisites

Basics in Programming, Operating systems, Data structures and algorithms

Enrollment

01.08.2023 - 24.08.2023

Timing

28.08.2023 - 27.10.2023

Number of ECTS credits allocated

5 op

Mode of delivery

Face-to-face

Unit

School of Technology

Campus

Lutakko Campus

Teaching languages
  • English
Seats

0 - 35

Degree programmes
  • Bachelor's Degree Programme in Information and Communications Technology
  • Bachelor's Degree Programme in Information and Communications Technology
Teachers
  • Joonatan Ovaska
Groups
  • TTV21S3
    Tieto- ja viestintätekniikka (AMK)
  • TTV21S5
    Tieto- ja viestintätekniikka (AMK)
  • TIC21S1
    Bachelor's Degree Programme in Information and Communications Technology
  • TTV21S2
    Tieto- ja viestintätekniikka (AMK)
  • TTV21S1
    Tieto- ja viestintätekniikka (AMK)

Objectives

The student is aware of the methods to analyze and reverse engineer applications. After successfully passing this course, the student is able to perform simple reverse engineering tasks on X86 Windows and Linux binaries. The student understands the differences between static and dynamic analysis. The student is able to perform basic dynamic analysis tasks. The student understands the structure of PE binary files and how they can be analyzed using existing, widely available tools. The student learns how to document his/her findings in a report format that is understandable to a person with similar skills in reverse engineering

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 
EUR-ACE: Multidisciplinary competences

Content

The course covers methodologies to analyze and reverse engineer binary files and applications using static and dynamic analysis. The course includes labs where the covered topics are put into practice.

Learning materials and recommended literature

Materials in the e-learning environment and the book: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- exercises
- learning tasks
- book

Exam dates and retake possibilities

No exam, assessment is based on assignments.

Alternative completion methods

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 10 h
- demos and walkthroughs 10 h
- assignment 56 h
- independent study 41 h
- reading and weekly quiz 18 h
Total 135 h

Further information for students

Points from the quizzes and from the lab reports. No exam

Evaluation scale

0-5

Evaluation criteria, satisfactory (1-2)

Sufficient (1): The student is familiar with the basic topics discussed during the course. The student is able to perform the most basic analysis on the simplest of X86 binaries using only some of the tools covered in the course with assistance.

Satisfactory (2): The student understands the most basic topics discussed during the course, however, he/she struggles to utilize this knowledge. The student is not able to search for relevant information independently. The student is able to analyze simple X86 binaries using the tools and techniques covered in the course with assistance.

Evaluation criteria, good (3-4)

Good (3): The student understands the most important topics discussed during the course and is able to utilize this knowledge in the most basic cases. The student is able to utilize information about the discussed topics. The student is able to analyze basic X86 binaries using the tools and techniques covered in the course.

Very good (4): The student understands the most important topics discussed during the course and is able to utilize this knowledge in most common cases. The student is able to search and understand information about discussed topics. The student is able to analyze basic X86 binaries independently using tools covered in the course.

Evaluation criteria, excellent (5)

Excellent (5): The student understands all topics discussed during the course and is able to use them in an innovative manner even in challenging situations. The student is able to search and utilize information about discussed topics independently. The student is able to analyze basic X86 binaries independently using tools covered in the course and utilize widely available tools not covered in the course.

Prerequisites

Basics in Programming, Operating systems, Data structures and algorithms

Enrollment

01.08.2022 - 25.08.2022

Timing

29.08.2022 - 27.10.2022

Number of ECTS credits allocated

5 op

Mode of delivery

Face-to-face

Unit

School of Technology

Campus

Lutakko Campus

Teaching languages
  • Finnish
Seats

0 - 35

Degree programmes
  • Bachelor's Degree Programme in Information and Communications Technology
Teachers
  • Joonatan Ovaska

Objectives

The student is aware of the methods to analyze and reverse engineer applications. After successfully passing this course, the student is able to perform simple reverse engineering tasks on X86 Windows and Linux binaries. The student understands the differences between static and dynamic analysis. The student is able to perform basic dynamic analysis tasks. The student understands the structure of PE binary files and how they can be analyzed using existing, widely available tools. The student learns how to document his/her findings in a report format that is understandable to a person with similar skills in reverse engineering

Competences
EUR-ACE: Knowledge and understanding 
EUR-ACE: Engineering practice 
EUR-ACE: Multidisciplinary competences

Content

The course covers methodologies to analyze and reverse engineer binary files and applications using static and dynamic analysis. The course includes labs where the covered topics are put into practice.

Learning materials and recommended literature

Materials in the e-learning environment and the book: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- exercises
- learning tasks
- book

Exam dates and retake possibilities

No exam, assessment is based on assignments.

Alternative completion methods

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 8 h
- assignment 60 h
- independent study 51 h
- reading and weekly quiz 16 h
Total 135 h

Further information for students

Points from the quizzes and from the lab reports. No exam

Evaluation scale

0-5

Evaluation criteria, satisfactory (1-2)

Sufficient (1): The student is familiar with the basic topics discussed during the course. The student is able to perform the most basic analysis on the simplest of X86 binaries using only some of the tools covered in the course with assistance.

Satisfactory (2): The student understands the most basic topics discussed during the course, however, he/she struggles to utilize this knowledge. The student is not able to search for relevant information independently. The student is able to analyze simple X86 binaries using the tools and techniques covered in the course with assistance.

Evaluation criteria, good (3-4)

Good (3): The student understands the most important topics discussed during the course and is able to utilize this knowledge in the most basic cases. The student is able to utilize information about the discussed topics. The student is able to analyze basic X86 binaries using the tools and techniques covered in the course.

Very good (4): The student understands the most important topics discussed during the course and is able to utilize this knowledge in most common cases. The student is able to search and understand information about discussed topics. The student is able to analyze basic X86 binaries independently using tools covered in the course.

Evaluation criteria, excellent (5)

Excellent (5): The student understands all topics discussed during the course and is able to use them in an innovative manner even in challenging situations. The student is able to search and utilize information about discussed topics independently. The student is able to analyze basic X86 binaries independently using tools covered in the course and utilize widely available tools not covered in the course.

Prerequisites

Basics in Programming, Operating systems, Data structures and algorithms