How Professional Hackers Understand Protected Code while Performing Attack Tasks
- Submitting institution
-
University of East London
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 7
- Type
- E - Conference contribution
- DOI
-
10.1109/ICPC.2017.2
- Title of conference / published proceedings
- 2017 IEEE/ACM 25th International Conference on Program Comprehension (ICPC)
- First page
- 154
- Volume
- -
- Issue
- -
- ISSN
- -
- Open access status
- -
- Month of publication
- -
- Year of publication
- 2017
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
6
- Research group(s)
-
3 - Secure Software Engineering
- Citation count
- 7
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- This work shows firstly how professional pen-testers analyse protected code and perform reverse engineering attacks, documented in penetration tests reports on three industrial case studies.
Reports were subjected to a qualitative analysis with open coding methodology to build a complete taxonomy of the main attack activities, helping to identify the current weaknesses to be tackled by future code protections. The paper received the Best Paper and ACM Distinguished Paper Awards at the ICPC-2017 conference [1], was invited for presentation at Dagstuhl seminars in 2017, and has been extended with a public challenge for another journal publication [2]
[1]http://icpc2017.unibas.it/awards.html
[2]https://doi.org/10.1007/s10664-018-9625-6
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -