A course is the basic teaching unit, it's design as a medium for a student to acquire comprehensive knowledge and skills indispensable in the given field. A course guarantor is responsible for the factual content of the course.
For each course, there is a department responsible for the course organisation. A person responsible for timetabling for a given department sets a time schedule of teaching and for each class, s/he assigns an instructor and/or an examiner.
Expected time consumption of the course is expressed by a course attribute extent of teaching. For example, extent = 2 +2 indicates two teaching hours of lectures and two teaching hours of seminar (lab) per week.
At the end of each semester, the course instructor has to evaluate the extent to which a student has acquired the expected knowledge and skills. The type of this evaluation is indicated by the attribute completion. So, a course can be completed by just an assessment ('pouze zápočet'), by a graded assessment ('klasifikovaný zápočet'), or by just an examination ('pouze zkouška') or by an assessment and examination ('zápočet a zkouška') .
The difficulty of a given course is evaluated by the amount of ECTS credits.
The course is in session (cf. teaching is going on) during a semester. Each course is offered either in the winter ('zimní') or summer ('letní') semester of an academic year. Exceptionally, a course might be offered in both semesters.
The subject matter of a course is described in various texts.

NI-REV	Reverse Engineering			Extent of teaching:	1P+2C
Instructor:	Dostál J., Kokeš J., Lórencz R.			Completion:	Z,ZK
Department:	18106	Credits:	5	Semester:	Z

Annotation:
Students will get acquainted with the essentials of reverse engineering of computer software. They will learn how processes start and what happens before and after the main function is called. Students will understand how executable files are organized and how they interact with 3rd party libraries. Another part of the course is dedicated to reverse engineering of applications written in C++. Students will also understand principles of disassemblers and obfuscation techniques. A part of the course will also be dedicated to debuggers: how debuggers and debugging work and which methods can be used to detect it. One of the lectures will be dedicated to the latest trends on the computer malware scene. The focus of the course is on the seminars, where students will solve practically oriented tasks from the real world.

Lecture syllabus:

1.		Introduction to reverse engineering
2.		Analysis of a program's flow
3.		Analysis of C++ classes
4.		Disassembling and obfuscation
5.		Compiler recognition
6.		Debugging and anti-debugging
7.		Reverse analysis of malware

Seminar syllabus:

1.		Introduction to debuggers and assembler
2.		Basic function analysis, stack frame
3.		Reverse engineering tools
4.		PE file structure, Import Address Table
5.		Type information analysis
6.		64bit code
7.		Code injection
8.		Analysis of obfuscated programs
9.		Advanced obfuscation techniques
10.		Reconstruction of packed files
11.		Antidebugging
12.		Analysis of high-level languages

Literature:

[1]		Eilam, E.: Reversing: Secrets of Reverse Engineering. Wiley. 2005. 987-0-7645-7481-8.
[2]		Eagle, C.: The IDA Pro Book: The unofficial Guide to the World's Most Popular Disassembler. No Starch Press. 2011. 987-1-59327-289-0.
[3]		Seacord, R. C.: Secure Coding in C and C++. Software Engineering Institute, Carnegie Mellon University. 2013. 987-0-321-82213-0.
[4]		Russinovich M. - Solomon D. A. - Ionescu A.: Windows Internals Part 1. Microsoft Press. 2012. 987-0-7356-4873-9.
[5]		Russinovich M. - Solomon D. A. - Ionescu A.: Windows Internals Part 2. Microsoft Press. 2012. 987-0-7356-6587-3.

Requirements:
Very good knowledge of C, C++. Basic knowledge of programming in assembler/machine code.

Informace o předmětu a výukové materiály naleznete na https://courses.fit.cvut.cz/MI-REV/. Tento předmět obsahově navazuje na bakalářský předmět Bezpečný kód.

The course is also part of the following Study plans:

Study Plan Study Branch/Specialization Role Recommended semester NI-SPOL.2020 Unspecified Branch/Specialisation of Study VO 1 NI-MI.2020 Managerial Informatics V 3 NI-WI.2020 Web Engineering V 1 NI-NPVS.2020 Design and Programming of Embedded Systems V 3 NI-PSS.2020 Computer Systems and Networks V 1 BI-SPOL.2015 Unspecified Branch/Specialisation of Study V Není BI-WSI-PG.2015 Web and Software Engineering V Není BI-WSI-WI.2015 Web and Software Engineering V Není BI-WSI-SI.2015 Web and Software Engineering V Není BI-ISM.2015 Information Systems and Management V Není BI-ZI.2018 Knowledge Engineering V Není BI-PI.2015 Computer engineering V Není BI-TI.2015 Computer Science V Není BI-BIT.2015 Computer Security and Information technology V Není NIE-DBE.2023 Digital Business Engineering VO 1 NI-PB.2020 Computer Security PS 1 NI-ZI.2020 Knowledge Engineering V 1 NI-SP.2020 System Programming V 1 NI-SP.2023 System Programming V 1 NI-TI.2023 Computer Science V 1 NI-TI.2020 Computer Science V 1 BI-SPOL.21 Unspecified Branch/Specialisation of Study V Není BI-PI.21 Computer Engineering 2021 (in Czech) V Není BI-PG.21 Computer Graphics 2021 (in Czech) V Není BI-MI.21 Business Informatics 2021 (In Czech) V Není BI-IB.21 Information Security 2021 (in Czech) V Není BI-PS.21 Computer Networks and Internet 2021 (in Czech) V Není BI-PV.21 Computer Systems and Virtualization 2021 (in Czech) V Není BI-SI.21 Software Engineering 2021 (in Czech) V Není BI-TI.21 Computer Science 2021 (in Czech) V Není BI-UI.21 Artificial Intelligence 2021 (in Czech) V Není BI-WI.21 Web Engineering 2021 (in Czech) V Není NI-SI.2020 Software Engineering (in Czech) V 1

---

Page updated 20. 4. 2024, semester: L/2023-4, L/2020-1, L/2022-3, L/2021-2, Z/2019-20, Z/2022-3, Z/2020-1, Z/2023-4, L/2019-20, Z/2021-2, Z/2024-5, Send comments to the content presented here to Administrator of study plans

Design and implementation: J. Novák, I. Halaška