Understanding and Mitigating Malware
Malware is increasingly becoming a key problem for organisations and Internet users. Cybercriminals infect computers with malware and use them for their own gain, for example by stealing sensitive financial information or corporate data. This ecosystem has become so profitable that an entire underground economy has emerged around it, in which specialised actors provide services to each other and collaborate towards the success of these criminal endeavours. In this course, we will cover malware and cybercriminal operations in detail, focusing on both the engineering and the social and economic aspects of malware operations. We will then introduce mitigation techniques against malware operations, and illustrate what an effective mitigation strategy against malware operations looks like.
|4th September 2017||Oxford University Department of Computer Science||0 places remaining.|
The successful participant will:
- Understand core concepts and nomenclature of malware and cybercriminal operations.
- Be able to analyse malware analysis traces such as network traces and execution dumps to understand the nature of a malware infection on an affected computer.
- Understand the technical, economic, and social aspects of malware operations. These aspects will allow the participant to understand how a single malware infection factors into the complex cybercriminal ecosystem.
- Devise effective mitigation techniques against malware operations. These mitigation will be not only technical, but will also factor in economic, social, and legal aspects.
- Introduction on malware
- history of malware, taxonomy of malware, botnets, ethical considerations on doing malware research, malware evading detection (polymorphic and metamorphic malware)
- Malware analysis
- analysing network traces generated by malware, analysing malicious code, analysing malicious activity on infected computers
- What is malware used for
- email spam and affiliate programmes, information stealing malware, banking malware, ransomware, denial of service, scareware, click fraud
- Targeted attacks
- spearphishing, data breaches, corporate espionage, state-sponsored attacks, Hacktivism
- Malware monetisation
- the underground economy surrounding malware, money laundering schemes, additional actors in the cybercrime ecosystem
- Malware mitigation
- antivirus technology, intrusion detection systems, engineering countermeasures, botnet takedowns, economic countermeasures, legal countermeasures, education countermeasures
No prior knowledge is required to attend this course.