The course is intended to provide an insight into the art and science of software and firmware reverse-engineering. It covers a variety of topics on how to approach complex problems of analyzing malicious code for the purpose of understanding its internals. By steadily advancing into the science of reverse-engineering, students will observe how a seemingly insurmountable problem of malware binary analysis gradually breaks down into tractable components that can be easily studied, interpreted and documented. The anatomy, behavior and manifestation of malware will be discussed. Students will receive hands-on experience with techniques analyzing, disassembling, debugging and monitoring malware in a controlled environment.

Class format

Lecture and project-based 

Home department

INI

Target audience

INI students

Background required

Prerequisites include 18-240 and either 15-513 or 18-213.

Learning objectives

• Study and understand concepts of discovering the technological principles of a device or a system through analysis of its structure, function and operation
• Apply reverse-engineering methods to analyze software
• Identify and formulate the anatomy, behavior and manifestation of malicious software through reverse-engineering analysis
• Apply reverse-engineering methods to analyze firmware on embedded devices
• Receive hands-on experience with techniques analyzing, disassembling, debugging and monitoring malware in a controlled environment

Faculty and instructors who have taught this course in the past