Topic 1. Intro

The document outlines a course on Malware Analysis, detailing the course rules, evaluation strategy, and key concepts related to information assurance and malware detection. It emphasizes the importance of understanding malware threats, various analysis methods, and practical applications in real-world scenarios. The course aims to equip students with the skills to detect, analyze, and eradicate malware effectively.

Uploaded by khoiclever
Copyright © All Rights Reserved

Topic 1: Introduction

Because teaching teaches teachers to teach
Course Rules

How to conduct:
- Prepare the contents of the next session at home (Book, CD)
- Explain and understand new concepts and key points.
- Do homework (labs) and quizzes (via CMS)…
Others:
- Phones off
- Use laptops under the teacher’s instruction
- No games, no chatting in class
Evaluation Strategy

Must attend more than 80% of contact hours (otherwise not allowed to take the exam).
Evaluating:
2 Progress tests (Q): 20%
19 Labs (Lab): 40%
1 Participation in Discussions (P): 10%
Final exam (FE): 30%
Total score = 20% (Q) + 40% (Lab) + 10% (P) + 30% (FE)
Pass:
Total score ≥ 5 and
Average Lab Score ≥ 4 and
Final Examination ≥ 4 (of 10)
Retake only the Final Exam if not passed
Tools & Software

https://fptuniversity-my.sharepoint.com/:f:/g/personal/dinhmh_fpt_edu_vn/Es7sIL1BYNVMpjfwJUi7k2wB5y_E_pMkqoUGYmng5rCJxA?e=uShd1y
Key concepts

• The Need
• Scope
• Objectives
• Expectation
• History and Overview
• References
The Need

Malware: malicious software.
Malware is a great danger today: hacking attempts that use malware to compromise data security are growing exponentially.
e.g. recent ransomware WannaCry, Petya, …
It may cause widespread damage; in fact, many organizations have been affected.
Information Assurance (IA) aims to protect and defend information systems by ensuring their confidentiality, integrity, authentication, availability, and nonrepudiation.
We need to design measures that ensure the protection of such systems and their associated data.
IA can benefit greatly from Malware Analysis.
Scope

 Malware Analysis becomes an essential component of IA by ensuring the detection, analysis, reverse engineering, and eradication of any software that attempts to tamper with these systems or their data.
 The scope includes:
1. Introduction to Malware Analysis.
2. Malware Analysis Labs.
3. Methodology to detect, analyze, reverse-engineer, and eradicate malware.
4. Malware Analysis Applications.
5. Forensics tools used for Malware Analysis.
Objectives

1. Develop a good understanding of Malware Analysis:
 today’s greatly increasing malware threats
 malware activity mechanism and behavior
 malware classification
 building an environment to do static and dynamic malware analysis
 methods and tools to detect, analyze, reverse-engineer, and eradicate malware
Objectives (Cont)

2. Identify the different types of Malware Analysis methods:
 static (ASCII, binary, logical signature detection)
 dynamic (network traffic analysis, memory forensics, dynamic reverse engineering)
 hybrid.
3. Gain a broad exposure to real world applications of Malware Analysis:
 take control of the incident, incident response
 analyze the threat, examine interactions with the environment
 mitigate the risks of malware attempting to escape from the lab
Objectives (Cont)

4. Set up a relatively inexpensive lab for Malware Analysis activities.
5. Utilize a standard methodology for detecting, analyzing, reverse engineering, and eradicating malware.
6. Use a Malware Analysis-based approach in order to resolve real world problems.
7. Recognize common malware characteristics (propagation, infection, self-defense, capabilities, …).
8. Bypass some of the advanced malware techniques, such as packing, obfuscation and anti-analysis of armored malware breeds.
Expectation

 An effective immersion into the realm of Malware Analysis and Reverse Engineering.
 A progressive approach introducing relevant concepts and techniques while preparing students to become effective malware analysts.
 A practical approach in detecting, analyzing, reverse engineering, and eradicating malware.
 Key Aspects: Reverse Engineering malware from various sources and using various programming languages.
 Standard Methodology: setting up an inexpensive laboratory, isolating it from production environments, utilizing a selected set of forensic tools in order to dissect the malware, discover its characteristics, neutralize its effects.
History and Overview

- What is malware? Software intended to intercept or take partial control of a computer's operation without the user's informed consent. It subverts the computer's operation for the benefit of a third party.
- Malware includes all kinds of intruder software: viruses, worms, backdoors, rootkits, Trojan horses, stealware, …
- Why do people write malware? In the 1990s: form games spread to other machines. Later, to partially control the user’s computer (adware, spyware, spam, fraud, DDoS, ransomware, …)
- Malware over time: in the 1990s: Morris Worm, polymorphic malware; in the 2000s: Code Red worm, Vundo Trojan, rootkit, Stuxnet, …
Q&A
