An Evaluation Framework for Anti-Forensic Encryption Tools Through Software Reverse Engineering Methods


Authors : Zakariyya Hassan Abdullahi; Zainab Suleiman Abdullahi; Kabiru Bashir

Volume/Issue : Volume 10 - 2025, Issue 8 - August


Google Scholar : https://tinyurl.com/2w2d56cm

Scribd : https://tinyurl.com/4wwv2r3z

DOI : https://doi.org/10.38124/ijisrt/25aug411



Abstract : The widespread adoption of encryption technologies has raised concerns about the protection and vulnerability of digital data. Protocol reverse engineering (PRE) is a critical methodology for evaluating and validating encryption implementations. It involves analyzing network traffic, message logging, and model checking processes. The key security properties of encryption include confidentiality, integrity, availability, and non-repudiation. However, the dual-use nature of encryption presents challenges for digital forensics and law enforcement investigations. Malicious actors can exploit encryption to conceal criminal activities and obstruct justice. Digital investigators and forensic specialists must develop expertise in specialized decryption tools, steganographic detection methods, and advanced analytical techniques to uncover hidden or obfuscated data. Cryptographic service implementations vary significantly in performance characteristics and security effectiveness, with key size, algorithm type, encryption rounds, algorithm complexity, and data size influencing performance.

Keywords : Reverse Engineering, Encryption, Protocol.

