There are many types of malicious software that are enabled by the wider use of the internet, portable media, mobile devices and embedded systems. This malicious software includes trojan horses, worms, viruses, botnets, spyware, ransomware and many more. In this course, students will be shown how to set up an analysis “laboratory” that will offer all the isolation and protection needed for safe dissection of malware, while being capable enough to deliver fast and accurate results.
After discussing the primary goals of malware analysis and offering a number of “pro-tips”, the instructor lays out a design for an analysis lab. Every step of building the lab is demonstrated in such a way as to enable and encourage students new to the field to be successful. Once the lab is operational, the process for dissecting malware samples is delivered in an interactive and hands-on manner, geared toward having the student complete the analysis within their own lab concurrent with the lesson being taught.
Even though the course lessons are demonstrated in a Microsoft Windows environment, users familiar with both Apple macOS and Linux will be able to follow along, as all the software in use is available for all three platforms and at no cost.
Once the technique and tools used for malware analysis have been taught, malware samples are provided to the student for additional practice.