CSC 471 Modern Malware Analysis

2023-Spring Course Website

Instructor: Si Chen

About Malware and Malware Analysis

Malware, a term used to describe various types of malicious software, poses a significant threat to both personal privacy and computer security. This can include viruses, adware, spyware, browser hijacking software, and fake security software. When installed on a computer, these programs can relay personal information to third parties without user consent, and may also contain worms and viruses that cause significant damage. As a result, the ability to detect, analyze, understand, control, and eradicate malware is becoming a crucial issue in both economic and national security.

Course Description

This course aims to provide students with a comprehensive understanding of modern malware analysis techniques through lectures and hands-on interactive analysis of real-world samples. This includes exploring various recent attacks to develop a foundation and well-rounded view of cybersecurity research. Participants will also read and discuss research papers, and conduct an independent project on a topic related to cyber risk and malware analysis.
Upon completion of the course, students will be equipped with the skills to analyze advanced contemporary malware using both static and dynamic analysis methods. This knowledge will enable them to effectively detect, understand, and mitigate the impact of malware threats.

Expected Background

No prerequisite for graduate students, although a sufficient security background is expected.
My expected demographic for Malware Analysis was students with zero reverse engineering experience. That said, to be able to take this course you will probably need at least the following skills.
  • Basic programming concepts
  • Knowledge of the C programming language, including pointers, arrays, loops, function calls, etc.
  • Familiarity with Unix/Linux, including the command-line shell and gdb
  • Familiarity with Intel x86 assembly language and architecture
  • Familiarity with web programming concepts (HTML, HTTP, TCP, network communications)

Textbook

No Textbook

Reference book:

  1. Monnappa K A, Learning Malware Analysis: Explore the concepts, tools, and techniques to analyze and investigate Windows malware, ISBN 978-1788392501
  2. Michael Sikorski, Andrew Honig, Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software, 1st Edition, ISBN 978-1593272906

Course Content

# Date Topic Slides Supporting Materials
Class 1 Jan 24, 2023 Introduction ch01.pdf
  • Windows XP Environment Disclaimer
  • VirtualBox
  • [Video]
Class 2 Jan 26, 2023 Basic Concepts, DLL Injection (1) ch02.pdf
  • hack_dll.zip
  • hack_dll_src.zip
  • [Video]

Tutorials and Supporting Materials