#REQUEST.pageInfo.pagedescription#

Site Navigation

COMP9047 - Malware Investigations

banner1
Title:Malware Investigations
Long Title:Malware Investigations
Module Code:COMP9047
 
Credits: 5
NFQ Level:Expert
Field of Study: Computer Science
Valid From: Semester 1 - 2016/17 ( September 2016 )
Module Delivered in 4 programme(s)
Module Coordinator: TIM HORGAN
Module Author: JOSH REYNOLDS
Module Description: This course will investigate modern malware types and techniques, and the tools used to analyze, defend and recover from malware attacks.
Learning Outcomes
On successful completion of this module the learner will be able to:
LO1 Identify and Contrast the different types of malware
LO2 Assess an Operating System as a target platform for malicious code
LO3 Analyze malware through behavioural analysis
LO4 Recommend defenses and develop solutions against malware attacks
LO5 Critically analyse and assess criminal network infrastructure and recommend remediations
Pre-requisite learning
Module Recommendations
This is prior learning (or a practical skill) that is strongly recommended before enrolment in this module. You may enrol in this module if you have not acquired the recommended learning but you will have considerable difficulty in passing (i.e. achieving the learning outcomes of) the module. While the prior learning is expressed as named CIT module(s) it also allows for learning (in another module or modules) which is equivalent to the learning specified in the named module(s).
No recommendations listed
Incompatible Modules
These are modules which have learning outcomes that are too similar to the learning outcomes of this module. You may not earn additional credit for the same learning and therefore you may not enrol in this module if you have successfully completed any modules in the incompatible list.
No incompatible modules listed
Co-requisite Modules
No Co-requisite modules listed
Requirements
This is prior learning (or a practical skill) that is mandatory before enrolment in this module is allowed. You may not enrol on this module if you have not acquired the learning specified in this section.
No requirements listed
Co-requisites
No Co Requisites listed
 

Module Content & Assessment

Indicative Content
Fundamentals of Malware Analysis
Overview of malware types, malware techniques, current threat landscape, botnets
Behavioral Malware Analysis
Setting up a malware lab, Static Analysis, Blackboxing, Rootkits
Web Threats & Internet Investigations
Malicious code injection, Javascript obfuscation, Web based exploit suites, Fast flux networks, PHP Shells, OSINT, Profiling, Maltego
Malware Distribution Techniques & Defences
Infection Vectors, Blended Attacks, Botnets, Command & Control setups, AV Engines, YARA, Cuckoo, Botnet Takedowns
Assessment Breakdown%
Course Work100.00%
Course Work
Assessment Type Assessment Description Outcome addressed % of total Assessment Date
Written Report Practical assignment based on blackboxing analysis of a given malware sample, and compiling a detailed report on its activities 1,2,3 50.0 Week 6
Written Report Project to carry out an internet investigation into the infrastructure of a piece of malware, as well as determining defences to protect against future attacks. 4,5 50.0 Sem End
No End of Module Formal Examination
Reassessment Requirement
Coursework Only
This module is reassessed solely on the basis of re-submitted coursework. There is no repeat written examination.

The institute reserves the right to alter the nature and timings of assessment

 

Module Workload

Workload: Full Time
Workload Type Workload Description Hours Frequency Average Weekly Learner Workload
Lecture Lecture 2.0 Every Week 2.00
Lab Implementation of malware analysis tools 1.0 Every Week 1.00
Independent & Directed Learning (Non-contact) Independent & Directed Learning 4.0 Every Week 4.00
Total Hours 7.00
Total Weekly Learner Workload 7.00
Total Weekly Contact Hours 3.00
Workload: Part Time
Workload Type Workload Description Hours Frequency Average Weekly Learner Workload
Lab Implementation of malware analysis tools 1.0 Every Week 1.00
Lecture Lecture 2.0 Every Week 2.00
Independent & Directed Learning (Non-contact) Independent & Directed Learning 4.0 Every Week 4.00
Total Hours 7.00
Total Weekly Learner Workload 7.00
Total Weekly Contact Hours 3.00
 

Module Resources

Recommended Book Resources
  • • Michael Ligh, Steven Adair, Blake Hartstein, Matthew Richard 2011, Malware Analyst's Cookbook and DVD, John Wiley & Sons, Inc. [ISBN: 978-047061303]
  • Michael Sikorski, Andrew Honig 2012, Practical Malware Analysis, No Starch Press [ISBN: 978-159327290]
  • Peter Szor 2005, The Art of Computer Virus Research and Defense, 1 Ed., Addison Wesley [ISBN: 978-032130454]
This module does not have any article/paper resources
This module does not have any other resources
 

Module Delivered in

Programme Code Programme Semester Delivery
CR_KCLDC_9 Master of Science in Cloud Computing 1 Elective
CR_KCLDC_9 Master of Science in Cloud Computing 2 Elective
CR_KINSE_9 Master of Science in Information Security 1 Elective
CR_KINSY_9 Postgraduate Diploma in Science in Information Security 1 Elective

Cork Institute of Technology
Rossa Avenue, Bishopstown, Cork

Tel: 021-4326100     Fax: 021-4545343
Email: help@cit.edu.ie