Asee peer logo

Code Hardening: Development of a Reverse Software Engineering Project

Download Paper |

Conference

2020 ASEE Virtual Annual Conference Content Access

Location

Virtual On line

Publication Date

June 22, 2020

Start Date

June 22, 2020

End Date

June 26, 2021

Conference Session

Computers in Education Division Technical Session 7: Advanced CS courses

Tagged Division

Computers in Education

Page Count

9

DOI

10.18260/1-2--34296

Permanent URL

https://peer.asee.org/34296

Download Count

231

Request a correction

Paper Authors

biography

Zachary Michael Steudel Baylor University

visit author page

Zachary Steudel is a Junior Computer Science student at Baylor University working as a Teaching Assistant under Ms. Cynthia C. Fry. As part of the Teaching Assistant role, Zachary designed and created the group project for the Computer Systems course. Zachary Steudel worked as a Software Developer Intern at Amazon in the Summer of 2019 and plans to join Microsoft as a Software Engineering Intern in the Summer of 2020.

visit author page

biography

Cynthia C. Fry Baylor University

visit author page

CYNTHIA C. FRY is currently a Senior Lecturer of Computer Science at Baylor University. She worked at NASA’s Marshall Space Flight Center as a Senior Project Engineer, a Crew Training Manager, and the Science Operations Director for STS-46. She was an Engineering Duty Officer in the U.S. Navy (IRR), and worked with the Naval Maritime Intelligence Center as a Scientific/Technical Intelligence Analyst. She was the owner and chief systems engineer for Systems Engineering Services (SES), a computer systems design, development, and consultation firm. She joined the faculty of the School of Engineering and Computer Science at Baylor University in 1997, where she teaches a variety of engineering and computer science classes, she is the Faculty Advisor for the Women in Computer Science (WiCS), the Director of the Computer Science Fellows program, and is a KEEN Fellow. She has authored and co-authored over fifty peer-reviewed papers.

visit author page

Download Paper |

Abstract

In CSI 2334, “Introduction to Computer Systems,” we introduce a group project to the students whose purpose is to simulate a team project on the job. Group projects are used very frequently to provide a similar learning environment which capitalizes on the benefits of peer-to-peer instruction, or cooperative learning. In this group project, students are presented with a challenge. A piece of executable code has been found on an older server, and the student teams must determine what the code is designed to do; and, in particular, whether the code is benign or malicious in nature.

In order to simulate this scenario, we develop a software system to be hardened. The system developed is generally a game that has some malicious content, which is then obfuscated before the executable is presented to the student teams. The objective for the student teams is to research methods by which the binary file can be “read” without executing it, and to modify the behavior of the executable file, depending on the purpose of the code. If it is determined to be a game, game play will be modified in a non-trivial manner. If it is determined to be a benign system with some malicious behavior incorporated, that malicious behavior must be quarantined. If it is both, the student teams will not only modify the game play of the system, but also quarantine any malicious behavior in the system.

This paper will briefly introduce methods of software hardening, and will discusses the design of the project; the implementation of the design; code obfuscation techniques used; and which obfuscation techniques were used to produce the mystery executable used as the class’s project.

Steudel, Z. M., & Fry, C. C. (2020, June), Code Hardening: Development of a Reverse Software Engineering Project Paper presented at 2020 ASEE Virtual Annual Conference Content Access, Virtual On line . 10.18260/1-2--34296

ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2020 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015