Reverse EngineeringLaajuus (5 cr)
Code: TTKW0230
Credits
5 op
Teaching language
- English
Responsible person
- Joonatan Ovaska
Objective
The student is aware of the methods to analyze and reverse engineer undocumented protocols, binary files and applications. After successfully passing this course, the student is able to perform simple reverse engineering tasks on X86 Windows and Linux binaries. The student understands the differences between static and dynamic analysis. The student is able to perform basic dynamic analysis tasks. The student understands the structure of PE binary files and how they can be analyzed using existing, widely available tools. The student learns how to document his findings in a report format that is understandable to a person with similar skills in reverse engineering.
Content
The course covers methodologies to analyze and reverse engineer undocumented protocols, binary files and applications using static and dynamic analysis. The course includes labs where the covered topics are put into practice.
Qualifications
Basics in Programming, Operating systems, Data structures and algorithms, Introduction to Internet technology.
Assessment criteria, satisfactory (1)
Excellent (5): The student understands all topics discussed during the course and is able to use them in an innovative manner even in challenging situations. The student is able to search and utilize information about discussed topics independently. The student is able to analyze basic X86 binaries independently using tools covered in the course and has the ability to utilize widely available tools not covered in the course.
Very good (4): The student understands the most important topics discussed during the course and is able to utilize this knowledge in most common cases. The student is able to search and understand information about discussed topics. The student is able to analyze basic X86 binaries independently using tools covered in the course.
Good (3): The student understands the most important topics discussed during the course and is able to utilize this knowledge in the most basic cases. The student is able to utilize information about the discussed topics. The student is able to analyze basic X86 binaries using the tools and techniques covered in the course.
Satisfactory (2): The student understands the most basic topics discussed during the course, however, he/she struggles to utilize this knowledge. The student is not able to search for relevant information independently. The student is able to analyze simple X86 binaries using the tools and techniques covered in the course with assistance.
Sufficient (1): The student is familiar with the basic topics discussed during the course. The student is able to perform the most basic analysis on the simplest of X86 binaries using only some of the tools covered in the course with assistance.
Fail 0: The student does not meet the minimum criteria set for the course.
Enrollment
01.11.2021 - 09.01.2022
Timing
14.02.2022 - 25.03.2022
Number of ECTS credits allocated
5 op
Virtual portion
5 op
Mode of delivery
Online learning
Unit
School of Technology
Campus
Lutakko Campus
Teaching languages
- English
Seats
0 - 35
Degree programmes
- Bachelor's Degree Programme in Information and Communications Technology
Teachers
- Joonatan Ovaska
Groups
-
TTV19S1Tieto- ja viestintätekniikka
Objectives
The student is aware of the methods to analyze and reverse engineer undocumented protocols, binary files and applications. After successfully passing this course, the student is able to perform simple reverse engineering tasks on X86 Windows and Linux binaries. The student understands the differences between static and dynamic analysis. The student is able to perform basic dynamic analysis tasks. The student understands the structure of PE binary files and how they can be analyzed using existing, widely available tools. The student learns how to document his findings in a report format that is understandable to a person with similar skills in reverse engineering.
Content
The course covers methodologies to analyze and reverse engineer undocumented protocols, binary files and applications using static and dynamic analysis. The course includes labs where the covered topics are put into practice.
Learning materials and recommended literature
Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
Teaching methods
Lecture videos, assignment solving videos, book
Alternative completion methods
The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.
Student workload
One credit (1 Cr) corresponds to an average of 27 hours of work.
- lectures 8 h
- assignment 60 h
- independent study 51 h
- reading and weekly quiz 16 h
Total 135 h
Further information for students
Points from the quizzes and from the lab reports. No exam
Evaluation scale
0-5
Evaluation criteria, satisfactory (1-2)
Excellent (5): The student understands all topics discussed during the course and is able to use them in an innovative manner even in challenging situations. The student is able to search and utilize information about discussed topics independently. The student is able to analyze basic X86 binaries independently using tools covered in the course and has the ability to utilize widely available tools not covered in the course.
Very good (4): The student understands the most important topics discussed during the course and is able to utilize this knowledge in most common cases. The student is able to search and understand information about discussed topics. The student is able to analyze basic X86 binaries independently using tools covered in the course.
Good (3): The student understands the most important topics discussed during the course and is able to utilize this knowledge in the most basic cases. The student is able to utilize information about the discussed topics. The student is able to analyze basic X86 binaries using the tools and techniques covered in the course.
Satisfactory (2): The student understands the most basic topics discussed during the course, however, he/she struggles to utilize this knowledge. The student is not able to search for relevant information independently. The student is able to analyze simple X86 binaries using the tools and techniques covered in the course with assistance.
Sufficient (1): The student is familiar with the basic topics discussed during the course. The student is able to perform the most basic analysis on the simplest of X86 binaries using only some of the tools covered in the course with assistance.
Fail 0: The student does not meet the minimum criteria set for the course.
Prerequisites
Basics in Programming, Operating systems, Data structures and algorithms, Introduction to Internet technology.