Untitled

a guest Apr 30th, 2015 248 Never
  1. About the Course
  2.  
  3. Cybercrime has become both more widespread and harder to battle. Researchers and anecdotal experience show that the cybercrime scene is becoming increasingly organized and consolidated, with strong links also to traditional criminal networks. Modern attacks are indeed stealthy and often profit oriented.
  4.  
  5. Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage.
  6.  
  7. By mixing a practical, hands-on approach with the theory and techniques behind the scenes, the course discusses the current academic and underground research in the field, trying to answer the foremost question about malware and the underground economy, namely, "Should we care?".
  8.  
  9. Students will learn how traditional and mobile malware work, how they are analyzed and detected, peering through the underground ecosystem that drives this profitable but illegal business. Understanding how malware operates is of paramount importance to form knowledgeable experts, teachers, researchers, and practitioners able to fight back. Besides, it allows us to gather intimate knowledge of the systems and the threats, which is a necessary step to successfully devise novel, effective, and practical mitigation techniques.
  10. Recommended Background
  11.  
  12. Operating Systems, Computer Architecture, Computer Security Class (optional)
  13. Learning Outcomes
  14. Week 1 (Introduction to Malicious Software)
  15.  
  16. After reporting on the insights of real-world research about a botnet takeover, students will learn about malicious software, with a particular glimpse at botnets and their detection, to finally conclude briefly with rootkits.
  17. Lecture outline
  18.  
  19.     (Should we care? A botnet takeover storytelling)
  20.     Admin blabbing
  21.     Malicious software
  22.     (a glimpse at) Botnets
  23.     (a glimpse at) Botnets detection & Rootkits
  24.  
  25. Week 2 (Malware Threats and Evolution: Static Analysis and its Limitations)
  26.  
  27. Students will look at the malware landscape of the early days and what effort and challenges the AV industry was facing to fight malware threats. The lecture covers static analysis as a first technique to analyze and detect malware; (basic) assembly and reverse engineering notions are provided with a look at basic techniques to fool the state-of-the-art disassembly algorithm, quickly highlighting the limits of static analysis, especially when focused on analyzing malware. A walk-through to reverse engineer an example program concludes the lecture.
  28.  
  29. Given the complexity of the topic and the fact the course is a short and introductory class on a vast topic, the aim of the lecture is to provide a broad overview, with a few detailed insights wherever appropriate.
  30. Lecture outline
  31.  
  32.     Early days, AV industry
  33.     (a glimpse at) Reverse engineering (part 1)
  34.     (a glimpse at) Reverse engineering (part 2)
  35.     (a glimpse at) Polymorphism, code obfuscation
  36.     IDA Pro—a very simple example. . .
  37.  
  38. Week 3 (Malware Threats and Evolution: Dynamic Analysis and its Limitations)
  39.  
  40. While looking at how the malware landscape has been evolving, students will be given an introduction to dynamic analysis, a complementary technique to static analysis to fight malware threats. Packing and algorithm-agnostic unpacking are introduced as an initial step toward full dynamic analysis. The lecture quickly mentions sandboxes and the limits of dynamic analysis and sandboxes, to finally conclude with a brief overview of a particular piece of state-of-the-art academic research on malware protection.
  41.  
  42. Given the complexity of the topic and the fact the course is a short and introductory class on a vast topic, the aim of the lecture is to provide a broad overview, with a few detailed insights wherever appropriate.
  43. Lecture outline
  44.  
  45.     Toward dynamic analysis
  46.     (a glimpse at) Dynamic analysis (part 1)
  47.     (a glimpse at) Dynamic analysis (part 2)
  48.     (a glimpse at) Limits of dynamic analysis
  49.     AccessMiner—system-centric models
  50.  
  51. Week 4 (Mobile Malware: Same Threat on a Different Platform?)
  52.  
  53. The lecture introduces the students to mobile malware threats; in particular, the lecture focuses on Android malware, providing a quick overview of Android applications and describing virtual machine-based dynamic analysis research carried out in the ISG at Royal Holloway University of London in collaboration with the LaSER at University of Milan.
  54. Lecture outline
  55.  
  56.     Introduction
  57.     Background
  58.     CopperDroid: dynamic analysis of Android malware (part 1)
  59.     CopperDroid: dynamic analysis of Android malware (part 2)
  60.  
  61. Week 5 (Specialized Cybercrime)
  62.  
  63. After having skimmed through different malware-related threats, week 5 will introduce students to the specialized underground cybercrime that surrounds this malware-driven, profitable but illicit business. After an initial recap of early evidence of such phenomena, the pay-per-install and exploit-as-a-service cybercriminal-oriented business models will be reviewed. Finally, as most of the (exploit-as-a-service) attacks nowadays happen because of memory error exploitation, the lecture will provide a succinct overview of the issue, backed up by statistics to understand whether such a dated software vulnerability is still an issue or not (and where research should be focusing).
  64. Lecture outline
  65.  
  66.     Introduction
  67.     Pay-per-Install
  68.     Exploit-as-a-service
  69.     Memory errors: the past, the present, and the future
  70.  
  71. Week 6 (Underground Economy and The Cost of Cybercrime)
  72.  
  73. This final lecture will introduce students to another aspect of the cybercriminal underground economy; we will first discuss an interesting report that recently outlined one of the biggest online underground economies, followed by a discussion on how big the cost of cybercrime is (not just in terms of revenue for the cybercriminal). The lecture will conclude the course and provide a few final remarks.
  74. Lecture outline
  75.  
  76.     China's online underground economy (part 1)
  77.     China's online underground economy (part 2)
  78.     The cost of cybercrime (part 1)
  79.     The cost of cybercrime (part 2)
  80.     Conclusion and final remarks