CAPEC-188

Reverse Engineering
Laag
Laag
Stable
2014-06-23
00h00 +00:00
2023-01-24
00h00 +00:00
CAPEC Mitre.org
Melding voor een CAPEC
Blijf op de hoogte van wijzigingen voor een specifieke CAPEC.
Meldingen beheren

Beschrijvingen CAPEC

An adversary discovers the structure, function, and composition of an object, resource, or system by using a variety of analysis techniques to effectively determine how the analyzed entity was constructed or operates. The goal of reverse engineering is often to duplicate the function, or a part of the function, of an object in order to duplicate or "back engineer" some aspect of its functioning. Reverse engineering techniques can be applied to mechanical objects, electronic devices, or software, although the methodology and techniques involved in each type of analysis differ widely.

Informatie CAPEC

Vereisten

Access to targeted system, resources, and information.

Vereiste vaardigheden

Understanding of low level programming languages or technologies can be very helpful. For example, when reverse engineering a binary file, an understanding of assembly languages can help to determine the purpose and inner-workings of the code. Another example is reverse engineering an application that relies on networking. Here, an understanding networking protocols can provide insight into application details.

Vereiste middelen

The technical resources necessary to engage in reverse engineering differ in accordance with the type of object, resource, or system being analyzed.

Mitigaties

Employ code obfuscation techniques to prevent the adversary from reverse engineering the targeted entity.

Gerelateerde zwakheden

CWE-ID Zwakheidsnaam

CWE-1278

 Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques
Information stored in hardware may be recovered by an attacker with the capability to capture and analyze images of the integrated circuit using techniques such as scanning electron microscopy.

Referenties

REF-50

Wikipedia
http://en.wikipedia.org/wiki/Reverse_engineering

Indiening

Naam Organisatie Datum Releasedatum
CAPEC Content Team The MITRE Corporation 2014-06-23 +00:00

Wijzigingen

Naam Organisatie Datum Opmerking
CAPEC Content Team The MITRE Corporation 2015-11-09 +00:00 Updated Activation_Zone, Attacker_Skills_or_Knowledge_Required, Description Summary, Injection_Vector, Payload, Payload_Activation_Impact, Related_Attack_Patterns, Related_Weaknesses, Resources_Required
CAPEC Content Team The MITRE Corporation 2017-05-01 +00:00 Updated Attack_Prerequisites, Description Summary, Examples-Instances, Resources_Required, Solutions_and_Mitigations, Typical_Likelihood_of_Exploit
CAPEC Content Team The MITRE Corporation 2018-07-31 +00:00 Updated Attacker_Skills_or_Knowledge_Required
CAPEC Content Team The MITRE Corporation 2023-01-24 +00:00 Updated Related_Weaknesses
De informatie die op CVE Find wordt gepresenteerd, is afkomstig van verschillende zorgvuldig geselecteerde referentiebronnen. CVE-gegevens worden geleverd door MITRE Corporation en de National Vulnerability Database (NVD). De Known Exploited Vulnerabilities (KEV)-catalogus is afkomstig van de Cybersecurity and Infrastructure Security Agency (CISA), terwijl EPSS-scores afkomstig zijn van FIRST.org. Daarnaast worden gegevens over softwarezwakheden (CWE) en veelvoorkomende aanvalspatronen (CAPEC) bijgehouden door MITRE Corporation, en informatie over hardware- en softwareconfiguraties (CPE) wordt geleverd door de NVD.