CYBR473 (2024) - Malware Analysis
Prescription
This course introduces techniques and tools for analysing and detecting malicious software (malware). It covers in-depth analysis techniques for identifying, dissecting, and neutralising malware threats, including viruses, worms, trojans, and ransomware. The course emphasises practical skills in developing and implementing defensive strategies to protect systems against malware attacks.
Course learning objectives
Students who pass this course should be able to:
- Analyse the anatomy, behaviour and propagation methods of malware using appropriate techniques and tools.
- Detect and bypass attempts by malware to evade analysis.
- Develop proof-of-concept malware that demonstrates understanding of malware behaviour and detection techniques.
Course content
We have designed this course for in-person study, and to get the most out of it, we strongly recommend you attend lectures on campus. Most assessment items, as well as tutorials/seminars/labs/workshops will only be available in person. Any exceptions for in-person attendance for assessment will be looked at on a case-by-case basis in exceptional circumstances, e.g., through disability services or by approval by the course coordinator.
If you started your programme of study remotely and can only study remotely, please contact the School so we can help and confirm what courses are available.
Withdrawal from Course
Withdrawal dates and process:
https://www.wgtn.ac.nz/students/study/course-additions-withdrawals
Lecturers
Dr Arman Khouzani (Coordinator)
- arman.rezaeikhouzani@vuw.ac.nz
- CO 231 Cotton Building (All Blocks), Gate 7, Kelburn Parade, Kelburn
Dr Alvin Valera
- alvin.valera@vuw.ac.nz
- AM 418 Alan Macdiarmid Building, Gate 7, Kelburn Parade, Kelburn
Teaching Format
Weekly lectures and lab sessions during the whole course. Students will cover the fundamentals of malware analysis and reverse engineering techniques for malware in this context. The final assessment will involve applying a range of these techniques to a problem such as developing a proof-of-concept malware exploit.
Student feedback
FENG CYBR473 2022
8 Number of responses, 26 Number enrolled
1.4 1.8 Q1: This was a well-organised course.
1 = Strongly Agree, 5 = Strongly Disagree
1.3 1.5 Q2: Important course information-such as learning objectives, deadlines, assessments and grading criteria-was communicated clearly.
1 = Strongly Agree, 5 = Strongly Disagree
1.3 1.5 Q3: Assessment tasks have helped me to learn.
1 = Strongly Agree, 5 = Strongly Disagree
1.7 2.0 Q4: I received helpful feedback on my progress.
1 = Strongly Agree, 5 = Strongly Disagree
2.8 2.8 Q5: The amount of work required in this course was:
1 = Far Too Much, 3 = About Right, 5 = Far Too Little
1.5 1.3 Q6: This course has helped me to develop an understanding of this subject.
1 = Strongly Agree, 5 = Strongly Disagree
1.7 2.0 Q7:This course has stimulated my interest in this subject.
1 = Strongly Agree, 5 = Strongly Disagree
1.4 1.5 Q8: What I learned in this course has been valuable.
1 = Strongly Agree, 5 = Strongly Disagree
1.8 1.5 Q9: Overall, I would rate the quality of this course as:
1 = Excellent, 5 = Very Poor
Dates (trimester, teaching & break dates)
- Teaching: 26 February 2024 - 31 May 2024
- Break: 01 April 2024 - 14 April 2024
- Study period: 03 June 2024 - 06 June 2024
- Exam period: 07 June 2024 - 22 June 2024
Other Classes
We will have online helpdesks from 4:10-5:00 pm in the weeks prior to the assessment due dates and will share the Zoom link with you during the course.
Set Texts and Recommended Readings
Required
- Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software (1st edition) by Michael Sikorski and Andrew Honig - available at no charge via the University O'Reilly online subscription.
Mandatory Course Requirements
In addition to achieving an overall pass mark of at least 50%, students must:
- Achieve at least a "D" in the final assignment.
If you believe that exceptional circumstances may prevent you from meeting the mandatory course requirements, contact the Course Coordinator for advice as soon as possible.
Assessment
This is the 2024 assessment scheme.
| Assessment Item | Due Date or Test Date | CLO(s) | Percentage |
|---|---|---|---|
| Assignment 1 (4 weeks) | 31 March 2024 | CLO: 1 | 30% |
| Assignment 2 (4 weeks) | 5 May 2024 | CLO: 1,2 | 30% |
| Assignment 3 (5 weeks) | 9 June 2024 | CLO: 1,2,3 | 40% |
Penalties
Each student will have 3 "late days" - 72 hours of automatic extension which will be applied to any assignment or assignments during the course, as needed. Please note that these 72 hours are for the whole course, not for each assignment.
The penalty for late work beyond your allocation of "late days" will be a 10% shrinking cap per day after the due date, unless there has been prior negotiation. Shrinking cap reduces the maximum mark per day so after 3 days the maximum mark is 70%(B) but C+ work will receive a C+ grade.
Extensions
Individual extensions will only be granted in exceptional personal circumstances, and should be negotiated with the course coordinator before the deadline whenever possible. Documentation (eg, medical certificate) may be requested.
Submission & Return
All work should be submitted through the ECS submission system, accessible through the course web pages. Marks and comments will be returned through the ECS marking system, also available through the course web pages.
Student submitted work may be used during the formal Engineering NZ re-accreditation visit to VUW scheduled for 2024, as part of the evaluation process for the programme.
Workload
The student workload for this course is 150 hours.
Teaching Plan
See https://ecs.wgtn.ac.nz/Courses/CYBR473_2024T1/LectureSchedule
Communication of Additional Information
All online material for this course can be accessed at https://ecs.wgtn.ac.nz/Courses/CYBR473_2024T1/
Links to General Course Information
- Academic Integrity and Plagiarism: https://www.wgtn.ac.nz/students/study/exams/academic-integrity
- Academic Progress: https://www.wgtn.ac.nz/students/study/progress/academic-progess (including restrictions and non-engagement)
- Dates and deadlines: https://www.wgtn.ac.nz/students/study/dates
- Grades: https://www.wgtn.ac.nz/students/study/progress/grades
- Special passes: Refer to the Assessment Handbook, at https://www.wgtn.ac.nz/documents/policy/staff-policy/assessment-handbook.pdf
- Statutes and policies, e.g. Student Conduct Statute: https://www.wgtn.ac.nz/about/governance/strategy
- Student support: https://www.wgtn.ac.nz/students/support
- Students with disabilities: https://www.wgtn.ac.nz/st_services/disability/
- Student Charter: https://www.wgtn.ac.nz/learning-teaching/learning-partnerships/student-charter
- Student Feedback on University courses may be found at: http://www.cad.vuw.ac.nz/feedback/feedback_display.php
- Terms and Conditions: https://www.wgtn.ac.nz/study/apply-enrol/terms-conditions/student-contract
- Turnitin: http://www.cad.vuw.ac.nz/wiki/index.php/Turnitin
- University structure: https://www.wgtn.ac.nz/about/governance/structure
- The Use of Te Reo Māori for Assessment Policy:
Victoria University values te reo Māori. Students who wish to submit any of their assessments in te reo Māori must refer to The Use of Te Reo Māori for Assessment Policy
He mea nui te reo Māori ki te Whare Wānanga o te Ūpoko o te Ika. Ki te pīrangi koe ki te tuhituhi i ō aro matawai i roto i te reo Māori, tēnā me mātua whakapā atu ki te kaupapa here, The Use of Te Reo Māori for Assessment Policy - VUWSA: http://www.vuwsa.org.nz
Offering CRN: 32241
Points: 15
Prerequisites: 60 300-level pts from (AIML, COMP, CYBR, SWEN)
Duration: 26 February 2024 - 23 June 2024
Starts: Trimester 1
Campus: Kelburn