
Course Detail

Course Name: Reverse Engineering and Malware Analysis
Course Code: 21SN612
Program: M. Tech. in Cyber Security Systems & Networks
Semester: 2
Credits: 3

Overview

Low-level assembly programming, identifying common techniques and approaches for basic reverse engineering, disassembler- and debugger-aided debugging, reverse engineering high-level languages, identifying and defeating anti-disassembly techniques, anti-debugging techniques, code obfuscation. Windows PE file format overview, Windows API & COM overview, malware persistence mechanisms (Registry by means of service, Trojans, DLL load order hijacking), user-mode rootkits, privilege elevation mechanisms used by malware, malware execution (DLL injection, process replacement, using hooks and APC), malware data encoding (common ciphers, custom encodings), anti-analysis tricks used by malware (anti-disassembly, anti-debugging), packers, YARA rules, analysing malware.

TEXTBOOKS / REFERENCES

1. Michael Sikorski and Andrew Honig, “Practical Malware Analysis”, No Starch Press, 2012.

2. Bruce Dang, Alexandre Gazet, Elias Bachaalany and Sebastien Josse, “Practical Reverse Engineering”, First Edition, Wiley Publishers, 2014.

3. Eldad Eilam, “Reversing: Secrets of Reverse Engineering”, Wiley Publishers, 2005.

Course Outcomes

  • CO1: Understand how to pick apart obfuscated systems systematically to understand their inner workings using reverse engineering techniques (PSO2)
  • CO2: Learn how to detect malicious programs and classify them from benign programs, and how malicious programs try to evade detection (PSO1, PSO2)
  • CO3: Learn how to analyze and detect techniques used by malicious programs for activities such as persistence, data exfiltration, etc. (PSO1, PSO3, PSO4)
  • CO4: Understand how to analyze and defeat techniques used by programs, such as anti-debugging and anti-disassembly, to make their analysis (static/dynamic) harder (PSO4, PSO2, PSO1)
