CYBR 681 Malware Analysis and Reverse Engineering
The increasing interconnectedness of digital systems and the rapid evolution of malicious software (malware) pose significant threats to individuals, businesses, and critical infrastructure. As cyber threats grow more sophisticated, the ability to analyze, dissect, and reverse-engineer malware is essential for threat intelligence, incident response, and cybersecurity defense. This course provides an in-depth exploration of malware analysis and reverse engineering methodologies, equipping students with the technical skills to investigate, understand, and mitigate malicious software. Students will analyze the characteristics, propagation methods, and impact of various types of malware, assessing their persistence mechanisms and interaction with host systems and networks. Using modern forensic tools, students will apply advanced static and dynamic analysis techniques to deobfuscate and reverse-engineer malware samples. The course also covers attacker techniques designed to evade detection, including anti-disassembly, anti-debugging, anti-virtualization methods, and countermeasures for overcoming these challenges. Students will extract Indicators of Compromise (IoCs) to support threat intelligence efforts and develop skills essential for ethical and responsible malware analysis within legal and professional security research standards. Through hands-on exercises and real-world case studies, students will understand malware behavior comprehensively, strengthening their ability to defend against emerging threats and contribute to cybersecurity resilience.
First day attendance is mandatory.
Prerequisites: Graduate standing. Note: Students are responsible for both being aware of and abiding by the prerequisites for the CYBR courses in which they enroll, and will be administratively dropped from a course if they have not met the prerequisites.
4 Graduate credits
Effective May 6, 2020 to present
Learning outcomes
General
- Analyze the characteristics, propagation methods, and impact of various types of malware, including the motivations behind its creation.
- Evaluate how malware interacts with host systems and networks, identifying the type of information targeted and its persistence mechanisms.
- Apply advanced static and dynamic malware analysis techniques, leveraging modern forensic tools to dissect, deobfuscate, and reverse-engineer malicious software.
- Assess and mitigate anti-disassembly, anti-debugging, and anti-virtualization techniques used by attackers to evade detection and hinder malware analysis.
- Develop and document Indicators of Compromise (IoCs) from malware samples to contribute to threat intelligence efforts and incident response.
- Demonstrate and justify ethical and responsible malware analysis practices, ensuring compliance with legal and professional standards in security research.
Spring 2025
Section | Title | Instructor | Books | eServices |
---|---|---|---|---|
50 | Malware Analysis and Reverse Engineering | Race, Benjamin | Books for CYBR-681-50 Spring 2025 | Course details for CYBR-681-50 Spring 2025 |