Malware Taxonomy and Terminology
This lecture discussed various approaches that I use for categorizing and classifying malware. One of the big components of Malware Analysis is the need for well defined langauge and definitions. This enables us to document findings to our audience with consistency.
Additionally, another aspect of malware analysis is the goal of being able to group malware by similarities in content and behavior. This can help analysts identify families and intra-family variance of samples, as well as utilize multiple exemplars with differing configurations in order to better inform analysis conclusions.
Slides: lecture-w03-1.pdf (PDF)