Code Hardening: Development of a Reverse Software Engineering Project

Zachary Michael Steudel; Cynthia C. Fry

Download Paper | Permalink

Conference: 2020 ASEE Virtual Annual Conference Content Access
Location: Virtual On line
Publication Date: June 22, 2020
Start Date: June 22, 2020
End Date: June 26, 2021
Conference Session: Computers in Education Division Technical Session 7: Advanced CS courses
Tagged Division: Computers in Education
Page Count: 9
DOI: 10.18260/1-2--34296
Permanent URL: https://peer.asee.org/34296
Download Count: 896

Paper Authors

biography

Zachary Michael Steudel Baylor University

visit author page

Zachary Steudel is a Junior Computer Science student at Baylor University working as a Teaching Assistant under Ms. Cynthia C. Fry. As part of the Teaching Assistant role, Zachary designed and created the group project for the Computer Systems course. Zachary Steudel worked as a Software Developer Intern at Amazon in the Summer of 2019 and plans to join Microsoft as a Software Engineering Intern in the Summer of 2020.

visit author page

biography

Cynthia C. Fry Baylor University

visit author page

CYNTHIA C. FRY is currently a Senior Lecturer of Computer Science at Baylor University. She worked at NASA’s Marshall Space Flight Center as a Senior Project Engineer, a Crew Training Manager, and the Science Operations Director for STS-46. She was an Engineering Duty Officer in the U.S. Navy (IRR), and worked with the Naval Maritime Intelligence Center as a Scientific/Technical Intelligence Analyst. She was the owner and chief systems engineer for Systems Engineering Services (SES), a computer systems design, development, and consultation firm. She joined the faculty of the School of Engineering and Computer Science at Baylor University in 1997, where she teaches a variety of engineering and computer science classes, she is the Faculty Advisor for the Women in Computer Science (WiCS), the Director of the Computer Science Fellows program, and is a KEEN Fellow. She has authored and co-authored over fifty peer-reviewed papers.

visit author page

Download Paper | Permalink

Abstract

In CSI 2334, “Introduction to Computer Systems,” we introduce a group project to the students whose purpose is to simulate a team project on the job. Group projects are used very frequently to provide a similar learning environment which capitalizes on the benefits of peer-to-peer instruction, or cooperative learning. In this group project, students are presented with a challenge. A piece of executable code has been found on an older server, and the student teams must determine what the code is designed to do; and, in particular, whether the code is benign or malicious in nature.

In order to simulate this scenario, we develop a software system to be hardened. The system developed is generally a game that has some malicious content, which is then obfuscated before the executable is presented to the student teams. The objective for the student teams is to research methods by which the binary file can be “read” without executing it, and to modify the behavior of the executable file, depending on the purpose of the code. If it is determined to be a game, game play will be modified in a non-trivial manner. If it is determined to be a benign system with some malicious behavior incorporated, that malicious behavior must be quarantined. If it is both, the student teams will not only modify the game play of the system, but also quarantine any malicious behavior in the system.

This paper will briefly introduce methods of software hardening, and will discusses the design of the project; the implementation of the design; code obfuscation techniques used; and which obfuscation techniques were used to produce the mystery executable used as the class’s project.

Citation
Format

Steudel, Z. M., & Fry, C. C. (2020, June), Code Hardening: Development of a Reverse Software Engineering Project Paper presented at 2020 ASEE Virtual Annual Conference Content Access, Virtual On line . 10.18260/1-2--34296