Introduction to Malware Analysis

Fall 2023 > Computer Related > MSIT.5460 > 031

Course No: MSIT.5460-031; SIS Class Nbr: 5253; SIS Term: 3310
Course Status: Registration Closed

Course Description

This course introduces the use of reverse engineering techniques to find and analyze the behavior of malware in binary form. The topics include basic static analysis, basic dynamic analysis, advanced static analysis, advanced dynamic analysis, shell code analysis, malware behavior and anti-reverse engineering. To take this course, students shall have experience in the C programming language. Knowledge of assembly language is preferred although not necessary since the course will have a crash mini-course in X86 disassembly covering assembly language. The students will do the assignments and labs on either their own computers or in a virtual lab environment. Students must already have completed a bachelor's degree in a related discipline and must meet all undergraduate prerequisite requirements specified for graduate IT programs to enroll in this course and in a graduate career.

Prerequisites, Notes & Instructor

  • Prerequisites: Students must already have completed a bachelor's degree in a related discipline and must meet all undergraduate prerequisite requirements specified for graduate IT programs to enroll in this course and in a graduate career.
  • Credits: 3; Contact Hours: 3
  • Instructor: Xinwen Fu
  • Textbook Information

When Offered & Tuition

  • Online Course
  • 2023 Fall: Sep 06 to Dec 22
  • Course Level: Graduate
  • Tuition: $1800
    struct
    Detail The monthly plan no longer available.
    ErrorCode [empty string]
    ExtendedInfo [empty string]
    Message Past Plan Availability Date
    StackTrace coldfusion.runtime.CustomException: Past Plan Availability Date at coldfusion.tagext.lang.ThrowTag.doStartTag(ThrowTag.java:139) at coldfusion.runtime.CfJspPage._emptyTag(CfJspPage.java:4319) at cfpayment2dplan2dblock2ecfm763285126$funcGETDIVISORBYTERM.runFunction(D:\inetpub\wwwroot\ContedWeb\includes\payment-plan-block.cfm:50) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:554) at coldfusion.runtime.UDFMethod$ReturnTypeFilter.invoke(UDFMethod.java:485) at coldfusion.runtime.UDFMethod$ArgumentCollectionFilter.invoke(UDFMethod.java:448) at coldfusion.filter.FunctionAccessFilter.invoke(FunctionAccessFilter.java:95) at coldfusion.runtime.UDFMethod.runFilterChain(UDFMethod.java:399) at coldfusion.runtime.UDFMethod.runFilterChain(UDFMethod.java:372) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:288) at coldfusion.runtime.CfJspPage._invokeUDF(CfJspPage.java:4175) at coldfusion.runtime.CfJspPage._invokeUDF(CfJspPage.java:4155) at cfpayment2dplan2dblock2ecfm763285126$funcGETMONTLYPAYMENTAMMOUNT.runFunction(D:\inetpub\wwwroot\ContedWeb\includes\payment-plan-block.cfm:54) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:554) at coldfusion.runtime.UDFMethod$ReturnTypeFilter.invoke(UDFMethod.java:485) at coldfusion.runtime.UDFMethod$ArgumentCollectionFilter.invoke(UDFMethod.java:448) at coldfusion.filter.FunctionAccessFilter.invoke(FunctionAccessFilter.java:95) at coldfusion.runtime.UDFMethod.runFilterChain(UDFMethod.java:399) at coldfusion.runtime.UDFMethod.runFilterChain(UDFMethod.java:372) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:288) at coldfusion.runtime.CfJspPage._invokeUDF(CfJspPage.java:4175) at coldfusion.runtime.CfJspPage._invokeUDF(CfJspPage.java:4155) at cfpayment2dplan2dblock2ecfm763285126.runPage(D:\inetpub\wwwroot\ContedWeb\includes\payment-plan-block.cfm:61) at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:262) at coldfusion.tagext.lang.IncludeTag.handlePageInvoke(IncludeTag.java:735) at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:565) at coldfusion.runtime.CfJspPage._emptyTcfTag(CfJspPage.java:4329) at cfCatalogsearch_detail2ecfm4351478._factor5(D:\inetpub\wwwroot\ContedWeb\catalog\search\Catalogsearch_detail.cfm:276) at cfCatalogsearch_detail2ecfm4351478._factor6(D:\inetpub\wwwroot\ContedWeb\catalog\search\Catalogsearch_detail.cfm:194) at cfCatalogsearch_detail2ecfm4351478._factor7(D:\inetpub\wwwroot\ContedWeb\catalog\search\Catalogsearch_detail.cfm:191) at cfCatalogsearch_detail2ecfm4351478.runPage(D:\inetpub\wwwroot\ContedWeb\catalog\search\Catalogsearch_detail.cfm:1) at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:262) at coldfusion.tagext.lang.IncludeTag.handlePageInvoke(IncludeTag.java:735) at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:565) at coldfusion.runtime.CfJspPage._emptyTcfTag(CfJspPage.java:4329) at cfCurrent_Semsearch_detail2ecfm1097412858._factor4(D:\inetpub\wwwroot\ContedWeb\catalog\search\Current_Semsearch_detail.cfm:308) at cfCurrent_Semsearch_detail2ecfm1097412858.runPage(D:\inetpub\wwwroot\ContedWeb\catalog\search\Current_Semsearch_detail.cfm:1) at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:262) at coldfusion.tagext.lang.IncludeTag.handlePageInvoke(IncludeTag.java:735) at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:565) at coldfusion.runtime.CfJspPage._emptyTcfTag(CfJspPage.java:4329) at cfapplication2ecfc1757924483$funcONREQUEST.runFunction(D:\inetpub\wwwroot\ContedWeb\application.cfc:45) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:554) at coldfusion.runtime.UDFMethod$ArgumentCollectionFilter.invoke(UDFMethod.java:448) at coldfusion.filter.FunctionAccessFilter.invoke(FunctionAccessFilter.java:95) at coldfusion.runtime.UDFMethod.runFilterChain(UDFMethod.java:399) at coldfusion.runtime.UDFMethod.runFilterChain(UDFMethod.java:372) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:288) at coldfusion.runtime.TemplateProxy.invoke(TemplateProxy.java:830) at coldfusion.runtime.TemplateProxy.invoke(TemplateProxy.java:613) at coldfusion.runtime.TemplateProxy.invoke(TemplateProxy.java:438) at coldfusion.runtime.AppEventInvoker.invoke(AppEventInvoker.java:115) at coldfusion.runtime.AppEventInvoker.onRequest(AppEventInvoker.java:308) at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:551) at coldfusion.filter.RequestMonitorFilter.invoke(RequestMonitorFilter.java:43) at coldfusion.filter.MonitoringFilter.invoke(MonitoringFilter.java:40) at coldfusion.filter.PathFilter.invoke(PathFilter.java:162) at coldfusion.filter.IpFilter.invoke(IpFilter.java:45) at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:96) at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:28) at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38) at coldfusion.filter.NoCacheFilter.invoke(NoCacheFilter.java:60) at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38) at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22) at coldfusion.filter.CachingFilter.invoke(CachingFilter.java:62) at coldfusion.CfmServlet.service(CfmServlet.java:226) at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:311) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:46) at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:47) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:377) at org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:463) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:889) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1743) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Thread.java:834)
    Suppressed
    array[empty]
    TagContext
    array
    1
    struct
    COLUMN 0
    ID CFTHROW
    LINE 50
    RAW_TRACE at cfpayment2dplan2dblock2ecfm763285126$funcGETDIVISORBYTERM.runFunction(D:\inetpub\wwwroot\ContedWeb\includes\payment-plan-block.cfm:50)
    TEMPLATE D:\inetpub\wwwroot\ContedWeb\includes\payment-plan-block.cfm
    TYPE CFML
    2
    struct
    COLUMN 0
    ID CF_UDFMETHOD
    LINE 54
    RAW_TRACE at cfpayment2dplan2dblock2ecfm763285126$funcGETMONTLYPAYMENTAMMOUNT.runFunction(D:\inetpub\wwwroot\ContedWeb\includes\payment-plan-block.cfm:54)
    TEMPLATE D:\inetpub\wwwroot\ContedWeb\includes\payment-plan-block.cfm
    TYPE CFML
    3
    struct
    COLUMN 0
    ID CF_UDFMETHOD
    LINE 61
    RAW_TRACE at cfpayment2dplan2dblock2ecfm763285126.runPage(D:\inetpub\wwwroot\ContedWeb\includes\payment-plan-block.cfm:61)
    TEMPLATE D:\inetpub\wwwroot\ContedWeb\includes\payment-plan-block.cfm
    TYPE CFML
    4
    struct
    COLUMN 0
    ID CFINCLUDE
    LINE 276
    RAW_TRACE at cfCatalogsearch_detail2ecfm4351478._factor5(D:\inetpub\wwwroot\ContedWeb\catalog\search\Catalogsearch_detail.cfm:276)
    TEMPLATE D:\inetpub\wwwroot\ContedWeb\catalog\search\Catalogsearch_detail.cfm
    TYPE CFML
    5
    struct
    COLUMN 0
    ID CF_CATALOGSEARCH_DETAIL
    LINE 194
    RAW_TRACE at cfCatalogsearch_detail2ecfm4351478._factor6(D:\inetpub\wwwroot\ContedWeb\catalog\search\Catalogsearch_detail.cfm:194)
    TEMPLATE D:\inetpub\wwwroot\ContedWeb\catalog\search\Catalogsearch_detail.cfm
    TYPE CFML
    6
    struct
    COLUMN 0
    ID CF_CATALOGSEARCH_DETAIL
    LINE 191
    RAW_TRACE at cfCatalogsearch_detail2ecfm4351478._factor7(D:\inetpub\wwwroot\ContedWeb\catalog\search\Catalogsearch_detail.cfm:191)
    TEMPLATE D:\inetpub\wwwroot\ContedWeb\catalog\search\Catalogsearch_detail.cfm
    TYPE CFML
    7
    struct
    COLUMN 0
    ID CF_CATALOGSEARCH_DETAIL
    LINE 1
    RAW_TRACE at cfCatalogsearch_detail2ecfm4351478.runPage(D:\inetpub\wwwroot\ContedWeb\catalog\search\Catalogsearch_detail.cfm:1)
    TEMPLATE D:\inetpub\wwwroot\ContedWeb\catalog\search\Catalogsearch_detail.cfm
    TYPE CFML
    8
    struct
    COLUMN 0
    ID CFINCLUDE
    LINE 308
    RAW_TRACE at cfCurrent_Semsearch_detail2ecfm1097412858._factor4(D:\inetpub\wwwroot\ContedWeb\catalog\search\Current_Semsearch_detail.cfm:308)
    TEMPLATE D:\inetpub\wwwroot\ContedWeb\catalog\search\Current_Semsearch_detail.cfm
    TYPE CFML
    9
    struct
    COLUMN 0
    ID CF_CURRENT_SEMSEARCH_DETAIL
    LINE 1
    RAW_TRACE at cfCurrent_Semsearch_detail2ecfm1097412858.runPage(D:\inetpub\wwwroot\ContedWeb\catalog\search\Current_Semsearch_detail.cfm:1)
    TEMPLATE D:\inetpub\wwwroot\ContedWeb\catalog\search\Current_Semsearch_detail.cfm
    TYPE CFML
    10
    struct
    COLUMN 0
    ID CFINCLUDE
    LINE 45
    RAW_TRACE at cfapplication2ecfc1757924483$funcONREQUEST.runFunction(D:\inetpub\wwwroot\ContedWeb\application.cfc:45)
    TEMPLATE D:\inetpub\wwwroot\ContedWeb\application.cfc
    TYPE CFML
    Type DateBeyondRange
    code [empty string]
  • Note: There is a $30 per semester registration fee for credit courses.

Related Programs: M.S. in Information Technology

Every effort has been made to ensure the accuracy of the information presented in this catalog. However, the Division of Graduate, Online & Professional Studies reserves the right to implement new rules and regulations and to make changes of any nature to its program, calendar, procedures, standards, degree requirements, academic schedules (including, without limitations, changes in course content and class schedules), locations, tuition and fees. Whenever possible, appropriate notice of such changes will be given before they become effective.

Course Registration Closed

The registration period for this course has ended.

Check availability for the current semester

Get Info
Courses
Apply