CAPEC Details
Name Black Box Reverse Engineering
Likelyhood of attack Typical severity
Low Low
Summary An adversary discovers the structure, function, and composition of a type of computer software through black box analysis techniques. 'Black Box' methods involve interacting with the software indirectly, in the absence of direct access to the executable object. Such analysis typically involves interacting with the software at the boundaries of where the software interfaces with a larger execution environment, such as input-output vectors, libraries, or APIs. Black Box Reverse Engineering also refers to gathering physical side effects of a hardware device, such as electromagnetic radiation or sounds.
Prerequisites
Solutions
Related Weaknesses
CWE ID Description
CWE-203 Observable Discrepancy
CWE-1255 Comparison Logic is Vulnerable to Power Side-Channel Attacks
CWE-1300 Improper Protection of Physical Side Channels
Related CAPECS
CAPEC ID Description
CAPEC-188 An adversary discovers the structure, function, and composition of an object, resource, or system by using a variety of analysis techniques to effectively determine how the analyzed entity was constructed or operates. The goal of reverse engineering is often to duplicate the function, or a part of the function, of an object in order to duplicate or "back engineer" some aspect of its functioning. Reverse engineering techniques can be applied to mechanical objects, electronic devices, or software, although the methodology and techniques involved in each type of analysis differ widely.