CYBR 482 Malware Analysis
Malware threats continue to evolve, with millions of new variants emerging each year, rendering traditional antivirus solutions insufficient. This course provides an in-depth exploration of malware analysis techniques, equipping students with the skills to identify, analyze, and mitigate malicious software threats. Through static and dynamic analysis, students will leverage antivirus scanning, hashing, string searching, and forensic tools to extract meaningful threat intelligence. They will also employ system and network monitoring to detect data exfiltration attempts and advanced malware behavior. Hands-on labs will guide students in setting up secure virtual environments, utilizing industry-standard tools to safely analyze real-world malware samples. The course introduces reverse engineering principles, empowering students to assess malware capabilities, vulnerabilities, and mitigation strategies while emphasizing ethical considerations and responsible disclosure in malware research.
First day attendance is mandatory.
Overlap: ICS 486. Note: Students are responsible to both be aware of and abide by prerequisites for CFS/CYBR/ICS courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites.
Prerequisites
Special information
Overlap: ICS 486. Note: Students are responsible to both be aware of and abide by prerequisites for CFS/CYBR/ICS courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites.
4 Undergraduate credits
Effective May 6, 2020 to present
Learning outcomes
General
- Evaluate the characteristics, motivations, and impacts of malware to assess its role in modern cyber threats.
- Set up and utilize virtualized environments to safely analyze malicious software in a controlled setting.
- Analyze malware using static analysis techniques, including antivirus scanning, hashing, and string searching, to extract meaningful threat intelligence.
- Conduct dynamic malware analysis by monitoring system and network behavior using appropriate forensic tools.
- Investigate and mitigate threats posed by malicious macros in PDFs and Microsoft Office files through behavioral analysis and removal techniques.
- Assess and apply appropriate malware detection and removal strategies to neutralize threats and strengthen cybersecurity defenses.
- Justify and uphold ethical considerations in malware analysis, including responsible disclosure and ethical constraints in handling malicious code.