[ISN] Competition to "reverse engineer" mystery program

From: InfoSec News (isnat_private)
Date: Sat May 04 2002 - 22:00:30 PDT

  • Next message: InfoSec News: "[ISN] Cyber Crime Crisis Looms in Zimbabwe"

    Will Knight
    17:21 03 May 02 
    NewScientist.com news service 
    Programmers the world over will next week have the chance to "reverse
    engineer" a mysterious and malicious computer program. They must
    determine its intentions and test their programming skills.
    The idea is to simulate the crises network administrators face
    whenever a rogue program, also known as a Trojan or zombie, is
    uploaded into a computer system by an intruder. These programs are
    designed to capture passwords or probe the system for further
    weaknesses on the intruder's behalf. An administrator must work out
    what the program does, but without seeing the source code used to
    build it.
    "In specific cases, you may encounter something you don't recognise,"  
    says Job de Haas, managing director of Dutch company ITSX Security,
    and one of the competition's judges. "It is important that you can get
    a feeling for the extent of the compromise and how serious it is."
    Back to the source
    The program will be released next week at the link below, but no
    further information will be provided, not even the language it was
    written in. Competitors must not only determine the purpose of the
    program but also figure out ways it could be stopped in its tracks.  
    They will even be asked to guess what kind of person wrote the
    program. A panel of judges will mark all the entries.
    The Reverse Challenge is the brainchild of a consortium of computer
    researchers from different companies and universities known as the
    Honeypot Project.
    Reverse engineering involves effectively going backwards through the
    process of building a computer program. Some programming tools will
    help with this task but, says De Haas, the process also requires good
    programming skills.
    "It's been a very secluded skill that has become more and more
    mainstream," he says. "An explosion of these [hacking] tools will make
    this a very needed skill for people in this field."
    Ian Brown, a computer security researcher at University College
    London, says this skill is useful for combating all sorts of malicious
    programs, including computer viruses and worms. "When a new virus,
    Trojan or zombie is discovered in the wild, its mode of operation, and
    hence how to defeat it, can be derived without the need for its source
    code," he explains.
    But programmers will be competing for more than just kudos. They can
    win computer security books and entry to the Black Hat Briefings, a US
    computer security conference. The Honeypot Project has in the past
    organised competitions requiring competitors to analyse a computer
    system after a simulated break-in.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Sun May 05 2002 - 02:25:15 PDT