CS4648 Software Reverse Engineering and Malware Analysis
This course will explore how malware is constructed through reverse engineering and analysis of malicious code. Techniques to perform dynamic behavioral analysis and static examination of program control flow and properties will be discussed. Malware analysis topics include: obfuscation, stealth, persistence, propagation, network communications for command & control, anti-analysis (anti-debugging, anti-disassembly, anti-virtualization), code injection, and process hollowing. Reverse engineering involves disassembling and analyzing binary executables to determine the techniques used by the malware to achieve its mission. Attack campaigns by known advanced persistent threats. (APTs) will be used in case studies.
Lecture Hours
3
Lab Hours
2