Explore UCD

UCD Home >

COMP47810

Academic Year 2024/2025

Malware Analysis (COMP47810)

Subject:
Computer Science
College:
Science
School:
Computer Science
Level:
4 (Masters)
Credits:
5
Module Coordinator:
Dr Anca Delia Jurcut
Trimester:
Spring
Mode of Delivery:
Blended
Internship Module:
No
How will I be graded?
Letter grades

Curricular information is subject to change.

This module introduces the different types of malware (malware taxonomy) and the existing methods to detect and analyse malware. It teaches methods to identify and analyse malware samples using static and dynamic analysis, machine learning and reverse engineering techniques. Furthermore, key reverse engineering tools such as IDA Pro and OllyDbg are introduced.

About this Module

Learning Outcomes:

● Describe types of malware, including Viruses, Worms, Trojans, Rootkits, Spyware and Ransomware.
● Perform static and dynamic malware analysis on various malware samples.
● Understand executable formats.
● Learn to apply machine learning techniques for detection and analysis of malware.
● Apply techniques and concepts to unpack, extract, and decrypt malware.
● Common approaches to reverse engineering.
● Practical skills with industry-standard malware analysis tools.

Indicative Module Content:

• Fundamentals of Malware Analysis including: the types of malware, the existing malware analysis techniques and malware analysis tools.
• Static Analysis including: file signature analysis, identifying file dependencies, database of file hashes, string analysis, malware sandboxing, levels of abstraction, x86 assembly, and static analysis tools.
• Dynamic Analysis including: debugging, source level vs. assembly level debuggers, Kernel vs. user-mode debugging, DLL analysis, and dynamic analysis tools.
• Reverse Engineering including: reverse engineering malicious code, identifying malware passwords, bypassing authentication, advanced malware analysis: - case study: Ransomware analysis using ML techniques - and reverse engineering tools: IDA Pro and Ollydbg.
• Malware Functionality including: malware behavior, covert malware launching, data encoding, and malware-focused network signatures.
• Anti-Reverse-Engineering including: anti-disassembly, anti-debugging, packers, and unpacking.
• Machine Learning Techniques for Malware Analysis including: Support Vector Machine (SVM), K-Nearest Neighbor (KNN), Random Forest (RF), Decision Trees (DT), Naive Bayes (NB), and Deep Learning techniques.


Student Effort Hours:
Student Effort Type Hours
Lectures

24

Seminar (or Webinar)

6

Autonomous Student Learning

70

Total

100


Approaches to Teaching and Learning:
The course material will be delivered as weekly live lectures that will be recorded and made available for students to view afterwards. The lectures will be complemented by 3 face to face workshops where the malware analysis tools used in this course are introduced (first workshop), the assignments are explained and discussed (workshop 2), the assignments are presented and evaluated (workshop 3).

Requirements, Exclusions and Recommendations

Not applicable to this module.


Module Requisites and Incompatibles
Not applicable to this module.
 

Assessment Strategy
Description Timing Component Scale Must Pass Component % of Final Grade In Module Component Repeat Offered
Individual Project: An individual project that includes 3 phases: proposal, to write an essay based on the results of the work and to do a 10 min presentation of the work. Week 4, Week 10, Week 12 Alternative linear conversion grade scale 40% Yes
60
Yes
Exam (Online): Online Quiz Week 14 Alternative linear conversion grade scale 40% Yes
40
Yes

Carry forward of passed components
Yes
 

Resit In Terminal Exam
Autumn Yes - 2 Hour
Please see Student Jargon Buster for more information about remediation types and timing. 

Feedback Strategy/Strategies

• Feedback individually to students, on an activity or draft prior to summative assessment
• Feedback individually to students, post-assessment
• Online automated feedback

How will my Feedback be Delivered?

Assignment results will be notified after submission deadline. Where appropriate (e.g. when answering MCQ tests) the results will be communicated automatically online.

1. Abhijit Mohanta and Anoop Saldanha, "Malware Analysis and Detection Engineering a Comprehensive Approach to Detect and Analyze Modern Malware", 2020, 1th Edition, Apress Berkeley, CA (ISBN No.: 978-1-4842-6193-4),United States.
2. Michael Sikorski and Andrew Honig, "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software", 2012, 1th Edition, No Starch Press San Francisco, CA, (ISBN No.: 9781593272906), United States.
3. C. Eagle "The IDA Pro Book, 2nd Edition: The Unofficial Guide to the World's Most Popular Disassembler", Second Edition

Timetabling information is displayed only for guidance purposes, relates to the current Academic Year only and is subject to change.
Spring Practical Offering 1 Week(s) - 19, 28, 34 Fri 09:00 - 10:50