TU BRAUNSCHWEIG

Seminar Malware Analysis and Detection

Overview

Semester: Winter 2017/2018
Course type: Block Seminar
Lecturer: Prof. Dr. Konrad Rieck
Assistants: Hugo Gascon, Marius Musch
Audience: Informatik Bachelor, Wirtschaftsinformatik Bachelor
Credits: 5 ECTS
Hours: 2
Language: English or German
Capacity: max. 10 Students
Room: BRICS 107/108

Schedule

 Date   Step 
 25.10 15 - 16:30 h   Kick-off and assignment 
 30.10 - 3.11   Arrange appointment with assistant 
 13.12   Submit paper proposal 
 20.12   Review two other papers 
 10.01   Submit final paper 
 24.01 15 - 19:30 h   Presentation with Pizza 

Description

In this seminar, you will have the chance to dig deep in one of several hot topics in malware and attack research. Through the elaboration of a paper you will learn and get amazed about the complexity and challenges of your topic and at the end of the semester, you will share these insights with your fellow students in an exciting presentation.

Requirements

The seminar is organized like a real academic conference. You need to prepare a written paper (German or English) about the selected topic with 8-10 pages in ACM double-column style.

After submitting your paper at our conference system, you will write two short reviews about two of the papers submitted by your fellow students' in order to give them feedback about how to improve their paper. Then, you will have time to improve your own final paper with reviews from the others.

Finally, you will give a 20-25 minutes talk about your paper and we will provide drinks and pizza to enjoy the talks at our small MAD conference.

Contact

The seminar is organized by the Institute of System Security. For questions and further details, please contact

Topics

▸ The Malware Economy

Just like any other business, cyber criminal activities and opportunities in the malware market are a matter of demand versus supply. This paper will describe how specialized roles have emerged to foster innovation and the issues involved in establishing malware development and distribution as a competitive and successful industry.

▸ Evasive Malware

A peek into modern evasion and anti-reverse engineering techniques (anti‐debugging, anti‐disassembly and anti‐vm)

▸ Shellcode Analysis

To successfully take control of a system, malware often exploit vulnerabilities through a specially crafted piece of code -- known as shellcode. This paper will describe the methods and concepts, as well as the challenges behind techniques for effectively analyzing these shellcodes.

▸ Rootkit Detection and Analysis

Well hidden in the booting process, rootkits enable malware to obtain persistence on a system for a long time. They often allow the installation of hidden files, processes or hidden user accounts in the systems OS, being able to intercept data from terminals, network connections, and the keyboard. This paper will analyze their principles, strategies and modern countermeasures.

▸ Mobile Malware

There exists already more mobile devices than people on this planet and most are a mine for personal and sensititve data. It is thus not surprising that cyber criminals love to target our smartphones and tablets with malicious code as much as we love to use them. This paper will explore and discuss the latest threats in the mobile landscape and how security researchers are trying to protect them.

▸ Honeypots, The Art of Deception

Deception as a defense strategy and as a way to collect knowledge from attackers has led to the envision of honeypots. A research field on its own, this paper will explore their foundations, types, goals, limitations and current trends.

▸ Malware for Industrial Control Systems (a.k.a. SCADA)

Industrial control systems are increasingly linked with modern communication technologies. Unfortunately, this link has made them a new target for malware, with their own specific attack vectors, vulnerabilities and potential catastrophic consequences. This paper will explore modern attacks and defences for SCADA systems.

▸ Machine Learning for Malware and Threat Detection

Machine learning and artificial intelligence are the new workhorse of the malware research community. Is machine learning an effective solution to detect attacks outside of the lab in the real world? How about user behavioral monitoring? Is anomaly detection an adequate problem to be solved with machine learning in the context of security? This paper will discuss where all this trend is going, its problems, challenges and opportunities.

▸ Targeted Malware Attacks Against Civil Society

The Internet represents the largest open space for free expression. Unfortunately in order to repress dissent, many nation-states have strengthened their malware development efforts becoming new threat actors. Such attack techniques are then used to target activists and human rights advocates who challenge the status quo. This paper will explore the problematic, the threat actors and targets, the attack vectors, and their implications for freedom and security.

▸ Ransomware

Due to its simplicity and highly profitable business model, ransomware has become extremely fast one of the most widespread attacks on the modern internet. This paper will look at its evolution, its current technical strategies and the proposed countermeasures.


  aktualisiert am 11.10.2017
TU_Icon_E_Mail_1_17x17_RGB Zum Seitenanfang