KYBJ5100 CYB1: Understanding and Mitigating Malware Campaigns and their Underlying Cybercriminal Operations, Complemented with a Preliminary Dive into Digital Forensics and IoT Device Firmware Hardening against Exploitation (JSS34) (4 cr)
Study level:
Postgraduate studies
Grading scale:
Pass - fail
Language of completion:
English
Responsible organisation:
Faculty of Information Technology
Curriculum periods:
2025-2026
Description
Malware is increasingly becoming a key problem for organizations and Internet users. Cybercriminals infect computers with malware and use them for their own gain, for example by stealing sensitive financial information or corporate data. This ecosystem has become so profitable that an entire underground economy has emerged around it, in which specialized actors provide services to each other and collaborate towards the success of these criminal endeavors. In this course, we will cover malware and cybercriminal operations in detail, focusing on both the engineering and the social and economic aspects of malware operations. We will then introduce mitigation techniques against malware operations and illustrate what an effective mitigation strategy against malware operations looks like. Additionally, we will delve deeper into the field of memory forensics, exploring how to detect and analyze malware artifacts in system memory. We will also cover using the Volatility tool to perform memory analysis, including mining and analyzing volatile data to uncover hidden malware and its operational footprints.
Learning outcomes
The module aims to provide students with the skills needed to understand cybercrime in a global context and the role of a malware analyst. During this course, students will learn how cybercriminals operate, and how to develop better mitigations against this threat. Students will learn advanced methods used by malware developers to produce stealthy malware and how cybersecurity professionals analyze malware. Specifically, the module has the following learning objectives:
- Understand core concepts and nomenclature of malware and cybercriminal operations.
- Understand the technical, economic, and social aspects of malware operations. These aspects will allow the participant to understand how a single malware infection factors into the complex cybercriminal ecosystem.
- Understand the process carried out by malware analysts to reverse malware. Be able to analyze malware analysis traces to understand the nature of a malware infection on an affected computer.
- Understand the first line of defense against malware and strategic mitigations. Devise effective mitigation techniques against malware operations. These mitigations will be not only technical, but will also factor in economic, social, and legal aspects.
- Gain both theoretical foundations and, increasingly importantly, hands-on experience in memory/malware/digital forensics. Learn how to use tools like Volatility to analyze system memory, uncover traces of malware, and understand its behavior in volatile memory.
Description of prerequisites
Bachelor-level degree in Computer Science, Information Technology, or comparable
Completion methods
Method 1
Description:
Obligatory attendance at lectures and completing the exercises
Evaluation criteria:
Pass/Fail
Time of teaching:
Period 1
Select all marked parts
Parts of the completion methods
Participation in teaching (4 cr)
Type:
Participation in teaching
Grading scale:
Pass - fail
Evaluation criteria:
Pass/Fail
Language of completion:
English
Working methods:
Obligatory attendance at lectures and completing the exercises