Module Catalogue

Malware (COMP0060)

Key information

Faculty
Faculty of Engineering Sciences
Teaching department
Computer Science
Credit value
15
Restrictions
Module delivery for UG Masters (FHEQ Level 7) available on MEng Computer Science; MEng Mathematical Computation. Module delivery for PGT (FHEQ Level 7) available on MSc Information Security; MSc Software Systems Engineering.

Alternative credit options

There are no alternative credit options available for this module.

Description

Aims:

The module aims to provide students with specialist understanding of the issues and techniques in malware detection and classification; and broad understanding of the human, social, economic, and historical context in which malware occurs.

Intended learning outcomes:

On successful completion of the module, a student will be able to:

  1. Have specialist understanding of the nature of malware, its capabilities, and how it is combatted through detection and classification.
  2. Understand the underlying scientific and logical limitations on society’s ability to combat malware.
  3. Have an appreciation and broad understanding of the social, economic and historical context in which malware occurs.

Indicative content:

The following are indicative of the topics the module will typically cover:

Introduction:

  • The taxonomy of malware and its capabilities: viruses, Trojan horses, rootkits, backdoors, worms, targeted malware.
  • History of malware.

The social and economic context for malware:

  • Crime, anti-malware companies, legal issues, the growing proliferation of malware.

Basic Analysis:

  • Signature generation and detection.
  • Clone detection methods.

Static analysis theory:

  • Program semantics.

Static Analysis:

  • System calls: dependency analysis issues in assembly languages; semantic invariance of system call sequences.
  • Taint-based analyses.
  • Semantic clones.

Dynamic Analysis:

  • Virtualization: semantic gap.
  • Reverse engineering.
  • Hybridisation with static analysis.

Similarity metrics:

  • (Kolmogorov Complexity.)
  • Association metrics.
  • Other entropy-based metrics.

NLP-based approaches. Problems in large-scale classification:

  • Scalability.
  • Triage methods.
  • Required FP rate.

Hiding:

  • Polymorphism: compression, encryption, virtualization.
  • Metamorphism: high-level code obfuscation engines, on-board metamorphic engines, semantics-preserving rewritings.
  • Frankenstein.

The theory of malware:

  • Rice’s theorem and the undecidability of semantic equivalence.
  • Adleman’s proof of the undecidability of the presence of a virus.
  • Cohen’s experiments on detectability and self-obfuscation.

Requisites:

To be eligible to select this module as optional or elective, a student must: (1) be registered on a programme and year of study for which it is formally available; and (2) have taken modules in logic and discrete mathematics, assembly, and imperative programming at FHEQ level 4 or higher.

Module deliveries for 2024/25 academic year

Intended teaching term: Term 2 - Undergraduate (FHEQ Level 7)

Teaching and assessment

Mode of study
In person
Methods of assessment
80% Fixed-time remote activity
20% Coursework
Mark scheme
Numeric Marks

Other information

Number of students on module in previous year
4
Module leader
Dr Lorenzo Cavallaro
Who to contact for more information
cs.pgt-students@ucl.ac.uk

Intended teaching term: Term 2 - Postgraduate (FHEQ Level 7)

Teaching and assessment

Mode of study
In person
Methods of assessment
80% Fixed-time remote activity
20% Coursework
Mark scheme
Numeric Marks

Other information

Number of students on module in previous year
11
Module leader
Dr Lorenzo Cavallaro
Who to contact for more information
cs.pgt-students@ucl.ac.uk

Last updated

This module description was last updated on 8th April 2024.
