Next-Generation Software Reverse Engineering

Paradoxically, effective next-generation software protection technology requires development of effective next-generation software attack (reverse engineering) technology, for two quite different reasons:

• Cutting edge software attack tools must be developed to test cutting edge protection techniques, and the protection techniques must be upgraded as vulnerabilities to each new generation of attack tools are identified.
• Software virus developers are beginning to use software protection techniques to prevent analysis of viruses. Without successful analysis, it is not possible to develop successful anti-virus "cures". Software protection, in this case, requires unrelenting software attack - on the viruses.

As part of the national Software Protection Initiative, Anacapa Sciences has received seed funding to develop a next-generation set of software reverse engineering tools. As these tools mature, the Department of Defense and the Department of Homeland Security will use them to protect national-interest software. The tools will also be available to legitimate commercial enterprises, who will use them for the two purposes listed above and for a third purpose - performing legitimate reverse engineering in the form of debugging their software products prior to distribution.

A key product from this work is a "Commercial-Strength C Decompiler", which provides automated support for:

• Source code recovery
• Vulnerability analysis
• Malicious code analysis
• Torture-testing software protection technology.

Funding for the development of the C Decompiler, and for development of a wide variety of software analysis and protection technologies, has been provided by the Department of Defense's Software Protection Initiative. More information is available at http://spi.dod.mil