In this course, we address the issue of malware, a major societal concern. IT infrastructures now require security specialists to prevent attacks and analyze the damage caused by malware.
The lesson plan is in three parts :
– What is a malware: taxonomies and different types and capabilities of malware. Analysis of classic schemes of compromises and adjacent infrastructures.
– Malware analysis; Review of the basics needed for Windows process and assembly language operation. Triages techniques, dynamic and static analysis. Use of debugger, decompilers and disassembler. Using flow control graphs. Use of forensic detection tools.
– Technique used by malware; Obfuscations of code, function call and flow. Encryption, polymorphisms and variations, Stealth.