CYBR 473 (2024) - Schedule of Lectures (Tentative)
Video recordings of the lectures will be available through Nuku after the class is finished. The lectures are NOT streamed, to encourage in person class attendance. See the TimeTable for times and locations of lectures and labs/helpdesks.Free unlimited textbook access is provided through VUW's subscription to O'Reilly library:We are grateful to Sam Browne for his online resources, including the slides that we have adapted for our course. You can check out Sam's page here: CNIT 126: Practical Malware Analysis (Spring 2024).
- Go to https://www.oreilly.com/library-access/.
- Click "Institution not listed", and enter with your VUW's email address.
- Enter the book's title (Practical Malware Analysis) in the the search field. Enjoy reading!
| Lecture | Date | Title (Tentative) | Slides | Reading | Recording |
|---|---|---|---|---|---|
| Week #1 | |||||
| 1 | 26 Feb | Course admin, Malware Analysis Primer | slides slides |
Chapter 0 | video |
| 2 | 28 Feb | Basic Static Techniques | slides | Chapter 1 A dive into the PE file format |
video |
| Week #2 | |||||
| 3 | 04 Mar | Malware Analysis in VMs | slides | Chapter 2 | video |
| 4 | 06 Mar | Basic Dynamic Analysis | slides | Chapter 3 | video |
| Week #3 | |||||
| 5 | 11 Mar | A Crash Course in x86 Disassembly (1/2) | slides | Chapter 4 Tiny guide to x86 assembly Online assembly compiler |
video |
| 6 | 13 Mar | A Crash Course in x86 Disassembly (2/2) | Chapter 4 Compiler Explorer (interactive online compiler) |
video | |
| Week #4 | |||||
| 7 | 18 Mar | IDA Pro | slides | Chapter 5 | video |
| 8 | 20 Mar | Recognising C Code Constructs in Assembly | slides | Chapter 6 | video |
| Week #5 | |||||
| 9 | 25 Mar | Analysing Malicious Windows Programs | 1, 2 | Chapter 7 | video |
| 10 | 27 Mar | Debugging | slides | Chapter 8 | video |
| MID TRIMESTER BREAK (1 Apr—14 Apr) | |||||
| Week #6 | |||||
| 11 | 15 Apr | OllyDbg | slides | Chapter 9 | video |
| 12 | 17 Apr | Kernel Debugging with WinDbg | slides | Chapter 10 | video |
| Week #7 | |||||
| 13 | 22 Apr | Malware Behaviour (1/2) | slides | Chapter 11 | video |
| 14 | 24 Apr | Malware Behaviour (2/2) Lab 11-01 |
video | ||
| Week #8 | |||||
| 15 | 29 Apr | Covert Launching (1/2) | slides | Chapter 12 | video |
| 16 | 1 May | Covert Launching (2/2) Lab 12-02 |
video | ||
| Week #9 | |||||
| 17 | 6 May | Data Encoding in Malware (1/2) | slides | Chapter 13 | video |
| 18 | 8 May | Data Encoding in Malware (2/2) Lab 13-02 |
video | ||
| Week #10 | |||||
| 19 | 13 May | Malware Network Signatures (1/2) | slides | Chapter 14 | video |
| 20 | 15 May | Malware Network Signatures (2/2) Lab 14-01 |
video | ||
| Week #11 | |||||
| 21 | 20 May | Anti-disassembly (1/2) | slides | Chapter 15 | video |
| 22 | 22 May | Anti-disassembly (2/2) | video | ||
| Week #12 | |||||
| 23 | 27 May | Anti-Debugging | slides | Chapter 16 | video |
| 24 | 29 May | Anti-VM | slides | Chapter 17 | video |
| STUDY/TEST PERIOD | |||||