Home > CAPEC List > CAPEC-188: Reverse Engineering (Version 2.11)  

CAPEC-188: Reverse Engineering

 
Reverse Engineering
Definition in a New Window Definition in a New Window
Attack Pattern ID: 188
Abstraction: Meta
Status: Stable
Completeness: Complete
Presentation Filter:
+ Summary

An adversary discovers the structure, function, and composition of an object, resource, or system by using a variety of analysis techniques to effectively determine how the analyzed entity was constructed or operates. The goal of reverse engineering is often to duplicate the function, or a part of the function, of an object in order to duplicate or "back engineer" some aspect of its functioning. Reverse engineering techniques can be applied to mechanical objects, electronic devices, or software, although the methodology and techniques involved in each type of analysis differ widely.

+ Attack Prerequisites
  • Access to targeted system, resources, and information.

+ Typical Severity

Low

+ Typical Likelihood of Exploit

Likelihood: Low

+ Examples-Instances

Description

When adversaries are reverse engineering software, methodologies fall into two broad categories, 'white box' and 'black box.' White box techniques involve methods which can be applied to a piece of software when an executable or some other compiled object can be directly subjected to analysis, revealing at least a portion of its machine instructions that can be observed upon execution. 'Black Box' methods involve interacting with the software indirectly, in the absence of the ability to measure, instrument, or analyze an executable object directly. Such analysis typically involves interacting with the software at the boundaries of where the software interfaces with a larger execution environment, such as input-output vectors, libraries, or APIs.

+ Attacker Skills or Knowledge Required

Skill or Knowledge Level: High

+ Resources Required

The technical resources necessary to engage in reverse engineering differ in accordance with the type of object, resource, or system being analyzed.

+ Solutions and Mitigations

Employ code obfuscation techniques to prevent the adversary from reverse engineering the targeted entity.

+ References
[R.188.1] [REF-6] "Wikipedia". Reverse engineering. The Wikimedia Foundation, Inc. <http://en.wikipedia.org/wiki/Reverse_engineering>.
+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team
Modifications
ModifierOrganizationDateCommentsSource
CAPEC Content TeamThe MITRE Corporation2015-11-09Updated Activation_Zone, Attacker_Skills_or_Knowledge_Required, Description Summary, Injection_Vector, Payload, Payload_Activation_Impact, Related_Attack_Patterns, Related_Weaknesses, Resources_RequiredInternal
CAPEC Content TeamThe MITRE Corporation2017-05-01Updated Attack_Prerequisites, Description Summary, Examples-Instances, Resources_Required, Solutions_and_Mitigations, Typical_Likelihood_of_ExploitInternal

More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2017