Automating Reverse Engineering Processes with AI/ML, NLP, and LLMs

This course enhances reverse engineering (RE) processes through automation, focusing on efficiency and scalability in malware and firmware analysis by integrating Neural Networks (NN), Natural Language Processing (NLP), and Large Language Models (LLMs). It introduces Blackfyre, an open-source system combining a Ghidra plugin and Python library, essential for binary analysis and applying NN/NLP/LLM techniques in RE. The curriculum covers NN and NLP in malware analysis for threat classification and anomaly detection, and in firmware analysis for predicting function/binary names and detecting similarities. It also introduces BinaryRank, inspired by PageRank, but more efficient with linear complexity, for static analysis, improving NLP's effectiveness in binaries data representations. Advanced topics include LLMs for function and binary summarization, and malware analysis for signature and report generation. Designed for those with a foundational understanding of RE, Python object-oriented programming skills, and basic mathematical knowledge, the course aims to bolster NN/NLP/LLM capabilities in automating RE processes.