CS6038/CS5138 Malware Analysis, UC

Course content for UC Malware Analysis

31 January 2017

Static Analysis Introduction


This lecture introduces some basic utilities for performing static analysis on a malware sample.

We begin by discussing file structures, and proceed to discuss the structural characteristics of the following open-source-defined file formats:

Furthermore, we go on to describe some models that we will use to describe data structures as the course goes on. The following page describes the Backus-Naur Form that we discussed in class. This should be familiar to many of you from Automata or Compiler Theory classes:
http://matt.might.net/articles/grammars-bnf-ebnf/

We then discuss Structured vs. Unstructured data and the technique of data extraction (or, sometimes, feature extraction).

Following that, we proceed to demonstrate the use of the following utilities in Remnux to provide this capability to us:

Slides: lecture-w04-1.pdf (PDF)

Video: CS7038: Wk04.1 - Static Analysis Introduction


tags: malware objdump strings lecture