Who should attend
This course is designed for information assurance officers (IAOs) and managers (IAMs), information security professionals charged with threat detection and incident response, and IT professionals seeking a greater understanding of potential malware threats and exploitation techniques. Familiarity with programming is assumed.
About the course
Malware is a growing threat to the information and intellectual property of organizations. This introductory course will provide a foundational understanding of malicious software, how malware has shaped the global cybersecurity landscape, and malware's future impact. Discussions and hands-on exercises will demonstrate malware analysis processes and their complexities, as well as illustrate how to appropriately size, design, and build an analytical capability best suited for your organization. You will prepare an analysis test-bed and analyze multiple malware samples. Explore advanced techniques and tools, including data exfiltration and stealthy operation, to understand the tactics of malware authors.
What You Will Learn
- Malware overview
- Analysis environment creation
- Static analysis
- Dynamic analysis
- Memory analysis
How You Will Benefit
- Develop foundational knowledge of malicious software, including its forms, traits, author motivations, and impacts.
- Identify, discuss, and practice sound malware analysis processes.
- Conduct analysis on multiple malware samples using modern disassembly, debugging, and analysis tools.
- Determine how to build an analytical capability to fit your organization, considering resource limitation and best practices.
- Discover black hat exploitation techniques, obfuscation techniques, and indicators of compromise.
- Delivery mechanisms
- Obfuscation techniques
ANALYSIS ENVIRONMENT CREATION
- Maintaining anonymity
- Assembly language overview/review
- Reverse engineering
- Analyzing with a disassembler
- Using static tools for analysis (hashes, strings, libraries)
- Analyzing with a debugger
- Monitoring processes and registry changes
- Analyzing network traffic
- Memory dumps
- Identifying suspicious indicators
Barbara Fox (CISSP) is a Research Scientist in the Georgia Tech Research Institute (GTRI) Cyber Technology and Information Security Laboratory (CTISL). Her research focuses on risk management, emerging threats, malware analysis, and insider threat. Ms. Fox combines a rich background in instructio...
My name is George Macon, and I’m currently a Ph.D. student at the Georgia Institute of Technology researching computer security in the Communications Systems Center under the advisement of Dr. John Copeland. I work as a Graduate Research Assistant in the Cyber Technology and Information Security...
Because of COVID-19, many providers are cancelling or postponing in-person programs or providing online participation options.
We are happy to help you find a suitable online alternative.