The ubiquitous nature of the Internet of Everything (IoE) and the prevalence of computing technologies in critical infrastructure sectors have brought an unprecedented digital transformation to individuals, businesses, and industries. On the other hand, the IoE has also enabled the increased spread of malicious software (malware). Malware attacks are increasing exponentially over time, with the total number of known malware samples surpassing one billion. As a result, the ability to detect, analyze, understand, control, and eradicate malware helps derive threat intelligence, provide timely response to security incidents, and fortify defenses, and is essential to the nation's economic vitality and security. This course introduces malware analysis and reverse engineering techniques that will allow students to recognize, analyze, and remediate infections. Using modern tools and procedures, students will learn how to dissect and reverse engineer malware to understand its behavior, propagation, persistence, and other associated characteristics. Upon completion of the course, students will have the reverse engineering skills necessary to understand, dissect, and analyze malware.
- Recognize and understand the characteristics of various malware, motivations of creators, and impacts on recipients.
- Describe the manner in which malware propagates, becomes resident, and executes.
- Analyze how malware interacts with any associated networks, identifying the type of information being targeted.
- Demonstrate the ability to use various tools and techniques to safely perform static and dynamic analysis of software (or malware) of potentially unknown origin, including obfuscated malware, to fully understand the software's functionality.
- Apply testing methodologies to build test cases that demonstrate the existence of vulnerabilities in software (or malware).
- Recognize and understand the anti-disassembly, anti-debugging, and anti-VM techniques that are incorporated by the attacker to impede the analysis and reversing of malware.
- Formulate Indicators of Compromise (IoCs) from malware samples to aid in threat intelligence efforts.
- Demonstrate ethical behavior appropriate to security-related technologies.