Malicious code detection technologies
Course: Cybersecurity
Structural unit: Faculty of Information Technology
Title
Malicious code detection technologies
Code
ВБ 1.3
Module type
Elective discipline for the educational programme
Educational cycle
First
Year of study when the component is delivered
2021/2022
Semester/trimester when the component is delivered
5 Semester
Number of ECTS credits allocated
6
Learning outcomes
Acquisition of knowledge, skills and abilities (competencies) regarding detection and analysis of malicious code (malware analysis). Abilities: to apply knowledge in practical situations; to understand the subject area and the future profession; to identify, pose and solve problems in a professional manner; to search for, process and analyze information; to understand the patterns of development of the subject area and its place in the general system of knowledge.
Form of study
Full-time form
Prerequisites and co-requisites
To know the basics of algorithmization; the architecture of computer systems; the basics of information protection and information technologies in general; the main operating systems (including those for mobile devices); the basics of building information systems and networks; cryptographic information protection systems; the basics of Assembler and Python.
To be able to program in the C/C++ language; to set a task and divide it into components; to describe the task and its solution (to create a report in accordance with the task); to determine the main areas of information protection in the system and to provide recommendations for their implementation; to install, debug and work freely with various operating systems and to know the basics of their protection; to be proficient in modern virtualization technologies.
To possess elementary skills of mathematical modeling, forecasting, and methods of analysis and synthesis.
Course content
The discipline "Malware Code Detection Technologies" covers the detection and analysis of malicious code (malware analysis). It provides a short introduction to the history of malware and the main tactics attackers use to create and use malware. It considers the general method of malware analysis, the types of malware, the rules of analysis, the basics of malware detection using Yara, and the basics of static and dynamic analysis. The procedure for analyzing Web exploits, ransomware and program disassembly is considered in detail.
Recommended or required reading and other learning resources/tools
1. Course «Malware Analysis», the USAID Project «Cybersecurity for Critical Infrastructure in Ukraine», 2021.
2. Michael Sikorski, Andrew Honig. Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software. (2012), 1128 p.
3. Michael Hale Ligh, Steven Adair, Blake Hartstein, Matthew Richard. Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code (2011), 746 p.
4. Chris Eagle. The IDA Pro Book (2011), 676 p.
5. Joshua D. Drake, Zach Lanier, Collin Mulliner, Pau Oliva Fora, Stephen A. Ridley, Georg Wicherski. Android Hacker's Handbook (2014), 576 p.
6. Monnappa K. A. Learning Malware Analysis: Explore the concepts, tools, and techniques to analyze and investigate Windows malware. Birmingham – Mumbai, Packt (2018), 501 p.
Planned learning activities and teaching methods
Lectures, practical training, individual work
Assessment methods and criteria
The level of achievement of all planned learning outcomes is determined by the results of the tasks performed in practical work and control work.
Final assessment: the form of assessment is an exam; the maximum number of points that the applicant can obtain is 40 points on a 100-point scale; the exam is considered passed if the applicant receives at least 24 points on the exam (60% of the maximum possible number of points that the applicant can receive for the exam).
The final assessment includes theoretical questions in a detailed form and in the form of a test (60%), and practical tasks, which can be presented in the form of a test (40%).
Language of instruction
Ukrainian
Lecturers
This discipline is taught by the following teachers
Faculty of Information Technology
Departments
The following departments are involved in teaching the above discipline
Faculty of Information Technology