Learning Outcomes:
● Describe types of malware, including viruses, worms, Trojans, rootkits, spyware and ransomware.
● Perform static and dynamic malware analysis on various malware samples.
● Understand executable formats.
● Learn to apply machine learning techniques for detection and analysis of malware.
● Apply techniques and concepts to unpack, extract, and decrypt malware.
● Understand common approaches to reverse engineering.
● Develop practical skills with industry-standard malware analysis tools.
Indicative Module Content:
• Fundamentals of Malware Analysis including: the types of malware, the existing malware analysis techniques and malware analysis tools.
• Static Analysis including: file signature analysis, identifying file dependencies, database of file hashes, string analysis, malware sandboxing, levels of abstraction, x86 assembly, and static analysis tools.
• Dynamic Analysis including: debugging, source-level vs. assembly-level debuggers, kernel-mode vs. user-mode debugging, DLL analysis, and dynamic analysis tools.
• Reverse Engineering including: reverse engineering malicious code, identifying malware passwords, bypassing authentication, advanced malware analysis (case study: ransomware analysis using ML techniques), and reverse engineering tools: IDA Pro and OllyDbg.
• Malware Functionality including: malware behavior, covert malware launching, data encoding, and malware-focused network signatures.
• Anti-Reverse-Engineering including: anti-disassembly, anti-debugging, packers, and unpacking.
• Machine Learning Techniques for Malware Analysis including: Support Vector Machine (SVM), K-Nearest Neighbor (KNN), Random Forest (RF), Decision Trees (DT), Naive Bayes (NB), and Deep Learning techniques.