2. Course Rules
How to conduct:
- Prepare the contents of the next session at home (book, CD)
- Explain and understand new concepts and key points
- Do homework (labs) and quizzes (via CMS)…
Others:
- Phones off
- Use laptops only under the teacher's instruction
- No games, no chatting in class
3. Evaluation Strategy
Must attend more than 80% of contact hours
(if not, not allowed to take the exam).
Evaluating:
- 2 Progress tests (Q): 20%
- 19 Labs (Lab): 40%
- 1 Participation in Discussions (P): 10%
- Final exam (FE): 30%
Total score = 20% (Q) + 40% (Lab) + 10% (P) + 30% (FE)
Pass:
- Total score ≥ 5 and
- Average Lab Score ≥ 4 and
- Final Examination ≥ 4 (of 10)
Retake only the Final Exam when not passed
5. Key concepts
• The Need
• Scope
• Objectives
• Expectation
• History and Overview
• References
6. The Need
Malware: malicious software
Nowadays malware is a great danger, with exponential growth
in hacking attempts that use malware to compromise data
security, e.g. the recent ransomware WannaCry, Petya, …
It may cause widespread damage; in fact, many organizations
have been affected.
Information Assurance (IA) aims to protect and defend
information systems by ensuring their confidentiality,
integrity, authentication, availability, and non-repudiation.
We need to design measures that ensure the protection of
such systems and their associated data.
IA can benefit greatly from Malware Analysis.
7. Scope
Malware Analysis becomes an essential component of IA by
ensuring the detection, analysis, reverse engineering, and
eradication of any software that attempts to tamper with
these systems or their data.
The scope includes:
1. Introduction to Malware Analysis.
2. Malware Analysis Labs.
3. Methodology to detect, analyze, reverse-engineer, and
eradicate malware.
4. Malware Analysis Applications.
5. Forensics tools used for Malware Analysis.
8. Objectives
1. Develop a good understanding of Malware Analysis:
   - today's greatly increasing malware threats
   - malware activity mechanisms and behavior
   - malware classification
   - building an environment to do static and dynamic
     malware analysis
   - methods and tools to detect, analyze, reverse-engineer,
     and eradicate malware
9. Objectives (Cont)
2. Identify the different types of Malware Analysis
methods:
   - static (ASCII, binary, logical signature detection)
   - dynamic (network traffic analysis, memory forensics,
     dynamic reverse engineering)
   - hybrid
3. Gain a broad exposure to real-world applications of
Malware Analysis:
   - take control of the incident, incident response
   - analyze the threat, examine interactions with the
     environment
   - mitigate the risks of malware attempting to escape from
     the lab
10. Objectives (Cont)
4. Set up a relatively inexpensive lab for Malware Analysis
activities.
5. Utilize a standard methodology for detecting, analyzing,
reverse engineering, and eradicating malware.
6. Use a Malware Analysis-based approach in order to
resolve real-world problems.
7. Recognize common malware characteristics (propagation,
infection, self-defense, capabilities, …).
8. Bypass some of the advanced malware techniques, such as
packing, obfuscation and anti-analysis of armored malware
breeds.
11. Expectation
An effective immersion into the realm of Malware Analysis
and Reverse Engineering.
A progressive approach introducing relevant concepts and
techniques while preparing students to become effective
malware analysts.
A practical approach in detecting, analyzing, reverse
engineering, and eradicating malware.
Key Aspects: reverse engineering malware from various
sources and written in various programming languages.
Standard Methodology: setting up an inexpensive laboratory,
isolating it from production environments, and utilizing a
selected set of forensic tools in order to dissect the malware,
discover its characteristics, and neutralize its effects.
12. History and Overview
- What is malware? Software intended to intercept or take partial
control of a computer's operation without the user's informed consent.
It subverts the computer's operation for the benefit of a third party.
- Malware includes all kinds of intruder software: viruses, worms,
backdoors, rootkits, Trojan horses, stealware, …
- Why do people write malware? In the 1990s: for fun, with games that
spread to other machines. Later, to partially control the user's
computer (adware, spyware, spam, fraud, DDoS, ransomware, …)
- Malware over time: in the 1990s, the Morris Worm, polymorphic
malware; in the 2000s, the Code Red worm, the Vundo Trojan, rootkits,
Stuxnet, …
#5: Authentication and authorization
Web application security
Fundamentals of web application security
- Common web security vulnerabilities
- Secure coding practices
Client side and server side
#12: Authentication: verifying the identity of a user, usually through login credentials. This is the first step in any security process, ensuring that users are who they claim to be.
Authorization: determining what an authenticated user is allowed to access and do. It is the granting or denying of permissions and access to resources within the application.
Importance: both are essential for securing web applications, protecting sensitive data, and ensuring that users can only access what they are permitted to.