Unit 1: Introduction: Introduction to malware, OS security concepts, malware threats, evolution of malware, malware types: viruses, worms, rootkits, trojans, bots, spyware, adware, logic bombs, malware analysis, static malware analysis, dynamic malware analysis.
Unit 2: Advanced Static Analysis: x86 Architecture, Analyzing Windows programs, Portable executable file format, disassembling malicious executable programs. Anti-static analysis techniques: obfuscation, packing, metamorphism, polymorphism.
Unit 3: Advanced Dynamic Analysis: Debugging malware: OllyDbg, WinDbg, setting virtual environments: sandboxes, emulators, hypervisors, virtual machines, live malware analysis, dead malware analysis, analyzing traces of malware: system calls, API calls, registries, network activities. Anti-dynamic analysis techniques, anti-VM, runtime-evasion techniques.
Unit 4: Malware Functionality: Downloaders, Backdoors, Credential Stealers, Persistence Mechanisms, Privilege Escalation, Covert malware launching: Launchers, Process Injection, Process Replacement, Hook Injection, Detours, APC Injection.
Unit 5: Malware Detection Techniques: Signature-based techniques: malware signatures, packed malware signature, metamorphic and polymorphic malware signature. Non-signature based techniques: similarity-based techniques, machine-learning methods, invariant-inferences.
50% End-Term Exam | 30% Mid-Term Exam | 20% Class Performance
Quiz 1: Feb-2025 (Pre-MTE)
Quiz 2: April-2025 (Pre-ETE)
Thabet, A., Kleymenov, A.: Mastering Malware Analysis: A Malware Analyst's Practical Guide to Combating Malicious Software, APT, Cybercrime, and IoT Attacks.
Bruce Dang, Alexandre Gazet, and Elias Bachaalany: Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
Peter Szor: The Art of Computer Virus Research and Defense, Addison Wesley Professional.
Eric Filiol: Computer Viruses: from theory to applications, Springer.
Michael Sikorski and Andrew Honig: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software, No Starch Press
Christopher Elisan: Advanced Malware Analysis, McGraw-Hill Osborne Media.
Michael Hale Ligh, Andrew Case: The Art of Memory Forensics: Detecting Malware, Wiley.
Published articles from reputed Journals and Conferences.
Unit 1: Introduction: Introduction (a) Security (b) Malware (c) OWASP top ten and other major security issues in the world (d) CVE and other information (e) Introduce various types of security areas
Downloads: Lecture 1, Lecture 1.1
Unit 2: Software and OS Security: OS Security: Common Bugs, Buffer Overflow, Runtime Defenses against memory safety vulnerabilities, program verification and other vulnerabilities, Principles in OS Security; Mechanisms for confining bad code: isolation, sandboxing, SFI and Virtualization, Trusted Computing
Unit 3: Web Security: Secure web site design (SQL injection, XSS, CSRF)
Unit 4: Network Security: TCP/IP, DDoS Attacks, Network worms and botnets: attacks and defenses, DNS and BGP security, Network defense tools – Firewall and Intrusion Detection.
Unit 5: Future/Advanced Security: Introduction: The Security in Existing Wireless Networks, Upcoming wireless networks and challenges, Thwarting malicious behavior: Naming and addressing, security association and secure neighbor discovery, secure routing in multi-hop wireless networks and privacy protection. Mobile OS Security and Privacy: Android, iOS security challenges, processor security, privacy, anonymity and censorship and other security issues according to the current situations and future requirements
50% End-Term Exam | 30% Mid-Term Exam | 20% Class Performance
Quiz 1: Feb-2024 (Pre-MTE)
Quiz 2: April-2024 (Pre-ETE)
Cryptography and Network Security: Principles & Practice by William Stallings
Computer Security: Principles and Practice by William Stallings and Lawrie Brown
Operating System Security by Trent Jaeger (The Pennsylvania State University)
Practical Malware Analysis by Andrew Honig, Michael Sikorski
Unit 1: Overview and Physical Layer: Overview of data communication and network architecture, OSI 7-layer architecture, TCP/IP architecture and comparison with OSI, Data and Signal, Transmission Impairments and channel capacity, Transmission Media, Signal Transmission and Multiplexing, Interfacing, Switching Techniques, ATM.
Unit 2: Data Link Layer and MAC Sublayer: Data Link Layer Design Issues (Framing, Error Control), Error Detection and Correction, Channel Allocation Problem and Multiple Access Protocols, ALOHA, CSMA, Collision-Free Protocols, Ethernet: Classic, Token Ring, Fast, and Gigabit, Wireless LANs: 802.11 Protocols.
Unit 3: Network Layer: Introduction, Addressing, NAT and IPv6, Routing Table and Intra-domain routing, Routing Protocols: Shortest Path, DVR, Link State, Broadcast, Inter-domain Routing, Border Gateway Protocol, Quality of Service, SDN.
Unit 4: TCP and Transport Layer - Services, Transport Layer Performance and Congestion Control, Transmission Control Protocol, UDP, Socket Programming
Unit 5: Application Layer: Application Layer Protocols: DNS, WWW, HTTP, E-mail, FTP. (2 Classes)
Unit 6: Future/Advanced Internet: Queuing Models Introduction: Little's Theorem, M/M/1, M/M/m Queues, Network of Queues, M/G/1 Queues, Reservations and Priorities, IoT and applications, Introduction to Information Centric Networks (ICN), Content Distribution Networks (CDN).
50% End-Term Exam | 30% Mid-Term Exam | 20% Class Performance
Quiz 1: Feb-2024 (Pre-MTE)
Quiz 2: April-2024 (Pre-ETE)
Data Networks by Bertsekas and Gallager, PHI
Computer Networks by L. Peterson and Davie, Elsevier
Computer Networking: A Top-Down Approach by J. F. Kurose, Pearson.
Computer Networks by Andrew S. Tanenbaum, Pearson.