Malicious Code Analysis
Introduction to Malicious Code Analysis starts with the setup of an environment for the study of malicious software in such a way as to mitigate the risk of propagation or negative side-effects. Next, common techniques used by malicious code to facilitate stealth, protection and propagation will be discussed followed by a methodology and tools for analysis.
Course Outline |
|||||
Environment Analysis |
Stealth Techniques |
Analysis Methodology |
|||
Properties |
File Hiding |
Study vs. forensic |
|||
Quarantine |
Anti-Reverse Eng. |
Sensor data |
|||
Simulation |
Propagation |
Infrastructure |
|||
Sensor |
Anti-virus |
Software Protocol |
|||
Lab
Students will collaborate to perform an analysis of real-world malicious code, reporting on their results to the rest of the class. Analysis techniques and tools must counter the malware's stealth techniques and will require Reverse Engineering and the analysis of communication protocols and Operating System elements.
Suggested prerequisites |
Follow-ons |
Reverse Engineering |
Ethical Hacking |
TCP/IP Protocol Analysis |
Buffer Overflow Fundamentals |
Please refer to the Schedule/Fees for dates of availability