University of Oxford Logo University of OxfordSoftware Engineering - Home
On Facebook
Follow us on twitter
Linked in
Linked in
Google plus
Google plus
Stumble Upon
Stumble Upon

Understanding and Mitigating Malware

Malware is increasingly becoming a key problem for organisations and Internet users. Cybercriminals infect computers with malware and use them for their own gain, for example by stealing sensitive financial information or corporate data. This ecosystem has become so profitable that an entire underground economy has emerged around it, in which specialised actors provide services to each other and collaborate towards the success of these criminal endeavours. In this course, we will cover malware and cybercriminal operations in detail, focusing on both the engineering and the social and economic aspects of malware operations. We will then introduce mitigation techniques against malware operations, and illustrate what an effective mitigation strategy against malware operations looks like.


This course normally runs twice a year.

Course dates

16th September 2024Oxford University Department of Computer Science - Held in the Department05 places remaining.
16th June 2025Oxford University Department of Computer Science - Held in the Department05 places remaining.


The successful participant will:

  • Understand core concepts and nomenclature of malware and cybercriminal operations.
  • Be able to analyse malware analysis traces such as network traces and execution dumps to understand the nature of a malware infection on an affected computer.
  • Understand the technical, economic, and social aspects of malware operations. These aspects will allow the participant to understand how a single malware infection factors into the complex cybercriminal ecosystem.
  • Devise effective mitigation techniques against malware operations. These mitigation will be not only technical, but will also factor in economic, social, and legal aspects.


Introduction on malware
history of malware, taxonomy of malware, botnets, ethical considerations on doing malware research, malware evading detection (polymorphic and metamorphic malware)
Malware analysis
analysing network traces generated by malware, analysing malicious code, analysing malicious activity on infected computers
What is malware used for
email spam and affiliate programmes, information stealing malware, banking malware, ransomware, denial of service, scareware, click fraud
Targeted attacks
spearphishing, data breaches, corporate espionage, state-sponsored attacks, Hacktivism
Malware monetisation
the underground economy surrounding malware, money laundering schemes, additional actors in the cybercrime ecosystem
Malware mitigation
antivirus technology, intrusion detection systems, engineering countermeasures, botnet takedowns, economic countermeasures, legal countermeasures, education countermeasures


No prior knowledge is required to attend this course.