Malware Analysis
Project 5: Malware Analysis
Phase 2 - Applied Forensics Skills
Overview:
For this project, each student will locate a piece of malicious software (“malware”). Taking the necessary precautions, the student will analyze the malware and provide a report on its characteristics, development, and behaviors. The student will include in their report a history of the malicious code and shall attempt to pinpoint the origin of the malware. The student should include a history of remediation attempts and tactics, and snippets of code which perform malicious actions or are otherwise central to the behavior, obfuscation, or performance of the malware.
Student Deliverables:
1) A structured report on a piece of malware outlining:
a. The type and origin history of the selected malware
b. Malware properties
c. Code snippets central to the malware (and their explanation)
d. History of the malware
e. Remediations to the malware
2) A report outlining where and how the student acquired the malicious program or code, and the design and methodology the student utilized to disassemble and analyze the code safely (including the tools utilized).
NOTES:
The report should be the result of an investigation, by the student, of a live piece of malicious code or malicious program. Malicious activity, including obfuscation, replication, and communications by the malware, is central to understanding the code and should be sufficiently reported on. The student should show evidence of having executed and monitored the malicious program or code to observe its behavior.
It is the student’s responsibility to ensure that a safe and isolated environment is created in which to perform execution and analysis of the selected malware.
I’m not looking for a research report on a piece of malware, but an actual malware analysis performed by the student. Conducting the former instead of the latter does not constitute completing the assignment.
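Before any execution step, a static triage pass gives the report its "malware properties" section and the evidence of safe handling: the sample is only read, never run, and the hashes fix exactly which file was analysed. The script below is an added example for that pass, not code from the course page or from any particular tool; it runs on a constructed stand-in byte string (a fake DOS/PE header stub, a hard-coded URL and high-entropy filler, not real malware), and the 7.0 bits-per-byte packing threshold is an assumption rather than a fixed rule.

```python
"""Static triage helpers: hashes, entropy and strings for a sample file.

Added example for an analysis report's "properties" section, not code from
the course page. Run it on a file inside the isolated analysis VM before any
dynamic (execution) step; it only reads the sample and never executes it.
"""
import hashlib
import math
import re
import sys
from collections import Counter

# Constructed stand-in for a file under analysis (not real malware): a fake
# DOS/PE header stub, a hard-coded URL, and 1 KiB of high-entropy filler.
SAMPLE = (
    b"MZ\x90\x00This program cannot be run in DOS mode.\r\n"
    b"http://example.invalid/update\x00"
    + bytes(range(256)) * 4
)

# Rule-of-thumb threshold (assumption): whole-file entropy at or above this
# is treated as a packing/encryption indicator worth a closer look.
PACKED_ENTROPY_THRESHOLD = 7.0


def file_hashes(data: bytes) -> dict:
    """MD5/SHA-1/SHA-256 so the report identifies the exact sample analysed."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for a constant file, 8.0 for uniformly random bytes."""
    if not data:
        return 0.0
    counts = Counter(data)
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def likely_packed(entropy: float, threshold: float = PACKED_ENTROPY_THRESHOLD) -> bool:
    """High whole-file entropy is a common (not conclusive) sign of packing."""
    return entropy >= threshold


def printable_strings(data: bytes, min_len: int = 4) -> list:
    """ASCII runs of at least min_len printable characters (like `strings`)."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, data)]


def embedded_urls(data: bytes) -> list:
    """Plain-text http(s) URLs: candidate update/C2 hosts to note in the report."""
    return [m.decode("ascii") for m in re.findall(rb"https?://[\x21-\x7e]+", data)]


def triage(data: bytes) -> dict:
    """Bundle the static observations a report's properties section needs."""
    ent = shannon_entropy(data)
    return {
        "size": len(data),
        "hashes": file_hashes(data),
        "entropy": round(ent, 3),
        "likely_packed": likely_packed(ent),
        "has_mz_header": data[:2] == b"MZ",
        "urls": embedded_urls(data),
        "strings": printable_strings(data),
    }


if __name__ == "__main__":
    # Usage: python triage.py <file>   (defaults to the constructed SAMPLE)
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    report = triage(data)
    for key, value in report.items():
        if key == "strings":
            print(f"{key}: {len(value)} found; first few: {value[:3]}")
        else:
            print(f"{key}: {value}")
```

Record the three hashes in the report verbatim, treat a high entropy value as a prompt to look for a packer or encrypted section rather than as proof of one, and keep the extracted strings alongside the later dynamic observations so that obfuscated or decrypted strings seen at run time can be contrasted with what was visible statically.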
Grading:
20% - Report Structure; including grammar, formatting, spelling, and use of language
10% - Evidence of safe malware handling practices
10% - Outlining methodology and process in disassembling and analyzing the malware
10% - Providing screenshots effectively outlining malware behavior
30% - Completely and effectively analyzing the malware’s behaviors, including replication, obfuscation, and any network activities.
20% - Accurately analyzing the malware’s developmental history, creation, origin, and remediation.