Software Reverse Engineering and Malware Analysis

Course #CS4648

Est.imated Completion Time: 3 months

POC: NPS Online Support

Overview

This course will explore how malware is constructed through reverse engineering and analysis of malicious code. Techniques to perform dynamic behavioral analysis and static examination of program control flow and properties will be discussed. Malware analysis topics include: obfuscation, stealth, persistence, propagation, network communications for command & control, anti-analysis (anti-debugging, anti-disassembly, anti-virtualization), code injection, and process hollowing. Reverse engineering involves disassembling and analyzing binary executables to determine the techniques used by the malware to achieve its mission. Attack campaigns by known advanced persistent threats. (APTs) will be used in case studies.

Included in degrees & certificates

  • 260
  • 367

Prerequisites

  • CS3140
  • CS3070

Learning Outcomes

The student will be able to:

  • Describe obfuscation techniques.
  • Describe stealth and persistence mechanisms.
  • Describe anti-analysis (anti-debugging, anti-disassembly, anti-virtualization) techniques.
  • Describe code injection and process hollowing techniques.
  • Describe process to reverse engineer binary executables.
  • Describe process to perform static analysis.
  • Describe process to perform dynamic analysis.
  • Describe communications channels.
  • Understand APTs, propagation vectors, and attribution.
Offerings database access
Asset Publisher

Application Deadlines

  •  08 Jan 2024

    Spring Quarter applications due

  •  01 Apr 2024

    Summer Quarter applications due

  •  08 Jul 2024

    Fall Quarter applications due

Asset Publisher

Academic Calendar

  •  08 Dec 2023

    Last day of classes

  •  12 Dec 2023 – 14 Dec 2023

    Fall Quarter final examinations

  •  15 Dec 2023

    Fall Quarter graduation

See NPS Academic Calendar for more dates.