Modern Crypto Systems & Malware Analysis PDF
Summary
This document provides an outline for two courses: Modern Crypto Systems and Malware Analysis. The courses cover topics like cryptographic algorithms and protocols, as well as malware analysis methods. The document describes the course objectives, units, and references. It is likely a course syllabus or outline.
Full Transcript
# MODERN CRYPTO SYSTEMS

| L | T | P | C |
|---|---|---|---|
| 3 | 0 | 0 | 3 |

**Course Objective(s):** The purpose of learning this course is to:

- Learn about Modern Cryptography.
- Focus on how cryptographic algorithms and protocols work and how to use them.
- Build a Pseudorandom permutation.
- Construct Basic cryptanalytic techniques.
- Provide instruction on how to use the concepts of block ciphers and message authentication codes.

**Course Outcomes:** At the end of this course, learners will be able to:

- Interpret the basic principles of cryptography and general cryptanalysis.
- Determine the concepts of symmetric encryption and authentication.
- Identify the use of public key encryption, digital signatures, and key establishment.
- Articulate the cryptographic algorithms to compose, build and analyze simple cryptographic solutions.

## Unit I: INTRODUCTION

**CO5: Express the use of Message Authentication Codes.**

- Basics of Symmetric Key Cryptography, Basics of Asymmetric Key Cryptography, Hardness of Functions.
- Notions of Semantic Security (SS) and Message Indistinguishability (MI): Proof of Equivalence of SS and MI, Hard Core Predicate, Trap-door permutation, Goldwasser-Micali Encryption.
- Goldreich-Levin Theorem: Relation between Hardcore Predicates and Trap-door permutations.

## Unit II: FORMAL NOTIONS OF ATTACKS

- Attacks under Message Indistinguishability: Chosen Plaintext Attack (IND-CPA), Chosen Ciphertext Attacks (IND-CCA1 and IND-CCA2).
- Attacks under Message Non-malleability: NM-CPA and NM-CCA2.
- Inter-relations among the attack models.

## Unit III: RANDOM ORACLES

- Provable Security and asymmetric cryptography, hash functions.
- One-way functions: Weak and Strong one-way functions.
- Pseudo-random Generators (PRG): Blum-Micali-Yao Construction, Construction of more powerful PRG, Relation between One-way functions and PRG, Pseudorandom Functions (PRF).

## Unit IV: BUILDING A PSEUDORANDOM PERMUTATION

- The Luby-Rackoff Construction: Formal Definition, Application of the Luby-Rackoff Construction to the construction of Block Ciphers, The DES in the light of Luby-Rackoff Construction.

## Unit V: MESSAGE AUTHENTICATION CODES

- Left or Right Security (LOR).
- Formal Definition of Weak and Strong MACs, Using a PRF as a MAC, Variable length MAC.
- Public Key Signature Schemes: Formal Definitions, Signing and Verification, Formal Proofs of Security of Full Domain Hashing.
- Assumptions for Public Key Signature Schemes: One-way functions Imply Secure One-time Signatures, Shamir's Secret Sharing Scheme.
- Formally Analyzing Cryptographic Protocols.
- Zero Knowledge Proofs and Protocols.

**L: Lecture T: Tutorial P: Practical C: Credits**

**Total 45 Periods**

# TEXT BOOKS

1. Hans Delfs and Helmut Knebl, Introduction to Cryptography: Principles and Applications, Springer Verlag.
2. Wenbo Mao, Modern Cryptography, Theory and Practice, Pearson Education (Low Priced Edition).

# REFERENCES

1. Shafi Goldwasser and Mihir Bellare, Lecture Notes on Cryptography, available at http://citeseerx.ist.psu.edu/.
2. Oded Goldreich, Foundations of Cryptography, CRC Press (Low Priced Edition Available), Part 1 and Part 2.
3. William Stallings, "Cryptography and Network Security: Principles and Practice", PHI, 3rd Edition, 2006.
# MALWARE ANALYSIS

| L | T | P | C |
|---|---|---|---|
| 3 | 0 | 0 | 3 |

**Course Objective(s):** The purpose of learning this course is:

- To introduce the fundamentals of malware, types and its effects
- To enable to identify and analyse various malware types by static analysis
- To enable to identify and analyse various malware types by dynamic analysis
- To deal with detection, analysis, understanding, controlling, and eradication of malware

**Course Outcomes:** At the end of this course, learners will be able to:

- Understand the various concepts of malware analysis and their technologies used.
- Possess the skills necessary to carry out independent analysis of modern malware samples using both static and dynamic analysis techniques
- Understand the methods and techniques used by professional malware analysts
- To be able to safely analyze, debug, and disassemble any malicious software by Malware Analysis
- Understand the concept of Android malware analysis, their architecture, and App development

## Unit I: INTRODUCTION AND BASIC ANALYSIS

**CO5: Express the use of Message Authentication Codes.**

- Goals of Malware Analysis, AV Scanning, Hashing, Finding Strings, Packing and Obfuscation, PE file format, Static, Linked Libraries and Functions, Static Analysis tools, Virtual Machines and their usage in malware analysis, Sandboxing, Basic dynamic analysis, Malware execution, Process Monitoring, Viewing processes, Registry snapshots

## Unit II: ADVANCED STATIC ANALYSIS

- The Stack, Conditionals, Branching, Rep Instructions, Disassembly, Global and local variables, Arithmetic operations, Loops, Function Call Conventions, C Main Method and Offsets.
- Portable Executable File Format, The PE File Headers and Sections, IDA Pro, Function analysis, Graphing, The Structure of a Virtual Machine, Analyzing Windows programs, Anti-static analysis techniques, obfuscation, packing, metamorphism, polymorphism.
- Real time implementation applications for statistical analysis of malware

## Unit III: ADVANCED DYNAMIC ANALYSIS

- Live malware analysis, dead malware analysis, analyzing traces of malware, system calls, API calls, registries, network activities.
- Anti-dynamic analysis techniques, VM detection techniques, Evasion techniques, Malware Sandbox, Monitoring with Process Monitor, Packet Sniffing with Wireshark, Kernel vs. User-Mode Debugging, OllyDbg, Breakpoints, Tracing, Exception Handling, Patching.
- Real time implementation applications for dynamic analysis of malware

## Unit IV: MALWARE FUNCTIONALITY

- Downloaders and Launchers, Backdoors, Credential Stealers, Persistence Mechanisms, Handles, Mutexes, Privilege Escalation.
- Covert malware launching: Launchers, Process Injection, Process Replacement, Hook Injection, Detours, APC injection.
- Classification of malwares based on their behaviour.
- Usage of tools to classify malware

## Unit V: ANDROID MALWARE ANALYSIS

- Android Malware Analysis: Android architecture, App development cycle, APKTool, APKInspector, Dex2Jar, JD-GUI, Static and Dynamic Analysis, Case studies, Implementation of real-time application for android malware analysis

**L: Lecture T: Tutorial P: Practical C: Credits**

**Total 45 Periods**

# TEXT BOOKS

1. Michael Sikorski and Andrew Honig, "Practical Malware Analysis", No Starch Press, 2012, ISBN: 9781593272906.
2. Bill Blunden, "The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System", Second Edition, Jones & Bartlett Publishers, 2009.

# REFERENCES

1. Jamie Butler and Greg Hoglund, "Rootkits: Subverting the Windows Kernel", Addison-Wesley Professional, 2005.
2. Bruce Dang, Alexandre Gazet, Elias Bachaalany, Sébastien Josse, "Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation", 2014.
3. Victor Marak, "Windows Malware Analysis Essentials", Packt Publishing, O'Reilly, 2015.
4. Ken Dunham, Shane Hartman, Manu Quintans, Jose Andre Morales, Tim Strazzere, "Android Malware and Analysis", CRC Press, Taylor & Francis Group, 2015.