Malware Analysis

ECTS: 3
Course Description:
This course focuses on methods for the analysis of malware (trojans, rootkits, ransomware, etc.). This involves the analysis of real-world and recent malware in real time and in live environments. We study malware collection tools and techniques for static code analysis, as well as dynamic analysis through disassemblers and debuggers.

More specifically, this course covers the following topics:
• Malware
• C&C servers (protocols and methods)
• Obfuscation
• Static malware analysis
• Dynamic malware analysis
• Machine learning for malware detection

Labs:
The labs will cover practical aspects of malware analysis, where students will use VMs to extract features from malware and also interact with it via debuggers and sandboxes to understand how a malware sample acts and how it can be analysed.

Course Coordinator: Prof. Kostas Patsakis