2013-2014 Catalog [ARCHIVED CATALOG]
Apr 25, 2024


CIS 295 - Malware Analysis



5.0 Credits
This course prepares forensic analysts, information security professionals and incident responders to reverse-engineer malicious software using practical tools and techniques. Prerequisite: CIS 293 with a grade of at least 3.0 or instructor permission.

Course-level Learning Objectives (CLOs)
Upon successful completion of this course, students will be able to:

  1. Use tools and their respective functions for the various stages of the malware analysis process. [REASON]
  2. Deconstruct common rootkit components and functions, to include resident malicious code, VB macros, JavaScript executables and shellcode executables. [REASON]
  3. Apply procedures used to intercept and analyze network traffic generated by malware. [REASON]
  4. Using virtual computing technologies, implement tools and processes used to create a lab environment for reverse-engineering malware. [REASON]
  5. Modify malicious code to defeat anti-forensic measures contained in self-defending malware. [REASON]
  6. Examine various formats used to “pack” malicious executable code, and select and use the appropriate tools for unpacking the code. [REASON]
  7. De-obfuscate malicious code packages within executables. [REASON]
  8. Perform static memory malware analysis from artifacts resident in Random Access Memory. [REASON]
  9. Describe how malware utilizes Windows Operating System API functions for propagation and concealment. [COMMUNICATE]
  10. Describe how processes are translated between memory registers, memory stack, and instructions contained in software code. [COMMUNICATE]


