Apr 25, 2024  
Website Catalog (In Development)

CST 160 - Malware Analysis


The purpose of CST 160 is to gain an understanding of the different families of malware and how the malicious actions performed by the malware are coded and controlled.  Malware authors need to have a good understanding of operating systems, file systems, network communication, programming, and cryptography, as well as tricks to hide traces of malware on a system.  Numerous examples of actual malware are examined in a safe and secure way.  By examining malware we learn about its “indicators of compromise,” which in turn help detect future attacks and plug security holes that allowed the malware to infect the system.

Prerequisite/Corequisite
Prerequisites: CST 113 Introduction to Programming or CST 121 Introduction to Python Programming

Credits: 3
Hours
2 Class Hours; 2 Laboratory Hours
Course Profile
Learning Outcomes of the Course:

Upon successful completion of this course the student will be able to:

  1. Recognize the many different types of malware typically encountered on Windows systems.
  2. Demonstrate using different techniques for analyzing malware source code and executable code, including static analysis, string analysis, deobfuscation, decoding, decompression, decryption, and histogram analysis.
  3. Follow proper guidelines for setting up and using a safe, secure, and contained virtual malware testing and debugging environment.
  4. Examine network logs, protocols, and packet traffic for malware designed to exfiltrate data.
  5. Analyze malware written in different programming languages, including:  80x86 Assembly language, C/C++, VBS, JavaScript, and PowerShell.
  6. Demonstrate using disassemblers, debuggers, and other software tools to analyze malicious code.