Visible to the public Exploring Provenance Needs in Software Reverse Engineering

TitleExploring Provenance Needs in Software Reverse Engineering
Publication TypeConference Paper
Year of Publication2020
AuthorsHenry, Wayne C., Peterson, Gilbert L.
Conference Name2020 13th International Conference on Systematic Approaches to Digital Forensic Engineering (SADFE)
Date Publishedmay
Keywordscomposability, Human Behavior, Interviews, Metrics, Provenance, pubcrawl, Qualitative User Study, Resiliency, reverse engineering, Visual Analytics-Provenance
AbstractReverse engineers are in high demand in digital forensics for their ability to investigate malicious cyberspace threats. This group faces unique challenges due to the security-intensive environment, such as working in isolated networks, a limited ability to share files with others, immense time pressure, and a lack of cognitive support tools supporting the iterative exploration of binary executables. This paper presents an exploratory study that interviewed experienced reverse engineers' work processes, tools, challenges, and visualization needs. The findings demonstrate that engineers have difficulties managing hypotheses, organizing results, and reporting findings during their analysis. By considering the provenance support techniques of existing research in other domains, this study contributes new insights about the needs and opportunities for reverse engineering provenance tools.
DOI10.1109/SADFE51007.2020.00008
Citation Keyhenry_exploring_2020