Exploring Provenance Needs in Software Reverse Engineering

Document Type

Conference Proceeding

Publication Date



Reverse engineers are in high demand in digital forensics for their ability to investigate malicious cyberspace threats. This group faces unique challenges due to the security-intensive environment, such as working in isolated networks, a limited ability to share files with others, immense time pressure, and a lack of cognitive support tools supporting the iterative exploration of binary executables. This paper presents an exploratory study that interviewed experienced reverse engineers’ work processes, tools, challenges, and visualization needs. The findings demonstrate that engineers have difficulties managing hypotheses, organizing results, and reporting findings during their analysis. By considering the provenance support techniques of existing research in other domains, this study contributes new insights about the needs and opportunities for reverse engineering provenance tools.


This conference paper is available with an IEEE subscription through the DOI link on this page.

Current AFIT faculty, students and staff may access the paper by clicking here.

Source Publication

2020 13th International Conference on Systematic Approaches to Digital Forensic Engineering (SADFE)

This document is currently not available here.