Securing our networks and assuring information operations in cyberspace are vital activities for national security. Knowing precisely what a piece of software does can be critical to maintaining competitive advantage—for example, determining the capabilities of malware, or comprehending the undocumented logic in a legacy supply system. Binary executable programs are particularly difficult for humans to comprehend because the compilation process is a oneway transformation from context-rich source code to a highly-optimized binary program. Our central problem is that binary reverse engineering (RE) is a highly-specialized skill that requires extensive training and experience. Additionally, the RE process requires a human-in-the-loop because the compound uncertainties introduced in disassembling and decompiling a binary program prevent a fully-automated solution. Immersive virtual reality (VR) offers novel ways to visualize and spatially interact with the complex and expansive data produced in the binary RE process. It holds potential to amplify the effectiveness of both novices-in-training and experts. In tackling this problem, we follow a human-centered interaction design process of discovery, definition, development, and iterative refinement. In our discovery, we performed a thorough survey of the cognitive models of experts performing binary RE, related elements of cognitive theory, and the affordances in VR that leverage cognitive theory to improve human effectiveness. In the definition phase, we prioritized the identified affordances in VR into an initial set for the development phase, where we implemented a VR system providing an immersive spatial interface to data provided by industry-standard reverse engineering tools. With this baseline implementation, we began iterating based on qualitative feedback from practitioners with varying experience in binary RE. While the feedback is promising, especially in user organization of code and graphs in space, our goal is to build a system ready for a formal user study of effectiveness.

 

Keywords
AUGMENTED AND VIRTUAL REALITY (AR/VR);COGNITIVE;ENHANCING PERFORMANCE;HUMAN FACTORS;SECURITY

Additional Keywords