Malware Analysis

Lecturers: Dr. Ferhat Ozgur Catak, Mehmet Can Doslu

Course Description

This course provides a broad introduction to malware analysis concepts and practices. Starting with basic static analysis, additional lessons explore core technologies such as encryption, packing and anti-VM techniques. Topics include static analysis, dynamic analysis, methods for blocking static and dynamic analysis, and Assembly language.

Course Information

Time and Location

Friday 19:00 - 21:00

Contact Information

ozgur.catak@tubitak.gov.tr

Reference Books

  1. Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software, Michael Sikorski, Andrew Honig, 2012
  2. Malware Analyst’s Cookbook, Michael Hale Ligh, Matthew Richard, Steven Adair, Blake Hartstein, 2010

Grading Policy (Subject to change)

Exam Grading
Midterm 30%
Presentation & Report 20%
Attendance 10%
Final 40%

Presentations

Week No Materials
1 Introduction
2 Static Analysis - Linux-Malware
3 Behavior Analysis - Assembly
4 Code Analysis - Windows Malware Analysis - Static Analysis Blocking / Lab
6 Anti Dynamic Analysis - Packers and Unpacking
7 Malware Behaviour / Lab / Video (Password: infected)
8 Memory Forensics / Malicious Docs