This Behavioral Malware Analysis course teaches students the fundamental skills necessary to analyze malicious software from a behavioral perspective. From simple keyloggers to massive botnets, this class covers a wide variety of current threats. Using system monitoring tools and analytic software, students will analyze real-world malware samples in a training environment, giving them hands-on experience building secure lab environments, classifying malware, analyzing behavioral characteristics and their effects on systems, and documenting findings.
Before taking this course, students should have a comprehensive understanding of Windows, including its major internal components, and a basic understanding of TCP/IP networking.
5 Days/Lecture & Lab
- Set up a secure lab environment in which to analyze malicious software
- Build and maintain a toolset of freely available, trusted tools
- Classify different types of malware and describe their capabilities
- Analyze malware samples of varying types to ascertain their specific behavioral characteristics and their impact on a system
- Determine if a given sample is persistent and, if so, identify and remediate the persistence mechanism(s)
- Identify when a sample is aware of its virtual environment and will require more advanced static or dynamic analysis