Skip to main content

Malware AnalysisLaajuus (4 cr)

Code: TT00CE14

Credits

4 op

Teaching language

  • English
  • Finnish

Responsible person

  • Joonatan Ovaska

Objective

The course focuses on the analysis of malware, emphasizing dynamic analysis methods and tools. Students will learn to identify and examine malicious software. Students will also gain proficiency in essential malware analysis tools, enabling them to effectively assess malware behavior and potential threats. The goal is to learn tools and methods to analyze malware behavior and to be able to draw some conclusions about what the malware does relatively quickly. Students will gain understanding on how malware is capable of using OS executables.

EUR-ACE Knowledge and understanding
You know the basic methods of malware analysis by applying theory and practice. You understand their importance when you perform malware analysis.

EUR-ACE Engineering practice
You can analyze and identify methods related to malware applying practice and theory.

Content

This course focuses on malware analysis with an emphasis on dynamic analysis methods and tools. You will learn to identify and investigate malware, gaining proficiency in key analysis tools to effectively assess malware behavior and potential threats. The goal is to learn tools and methods for analyzing malware behavior and to draw conclusions about malware operations quickly. You will also understand how malware can exploit operating system executables.

The course content encompasses a range of topics related to malware analysis. Students will delve into:
Dynamic analysis methods
Malware identification techniques
Indicators of Compromises (IOC)s
Sandboxing

The course also covers debugging skills and provides hands-on experience with various malware analysis tools.

Qualifications

Data structures and algorithms
Basics of programming
Auditing and Penetration Testing

Assessment criteria, satisfactory (1)

Sufficient (1)
The student knows and understands the basic concepts of malware analysis and related theory. The student knows how to use the tools used in malware analysis with assistance.

Satisfactory (2)
The student knows and understands the basic concepts of malware analysis and the related theory. The student knows how to utilize the tools used in malware analysis in a guided manner.

Assessment criteria, good (3)

Good (3)
The student knows and understands the basic concepts of malware analysis and the related theory in a comprehensive way. The student knows how to use the tools used in malware analysis.

Very good (4)
The student knows and understands the concepts of malware analysis and the related theory in a comprehensive way. The student knows how to use the tools used in malware analysis in an advanced manner.

Assessment criteria, excellent (5)

Excellent (5)
The student knows and understands the concepts of malware analysis and the related theory excellently. The student knows how to use and select appropriate tools used in malware analysis in an advanced manner and is able to use new tools independently.