Skip navigation.
Home

Suggestions requested for seminar on Malware & its trends & techniques.

|

I'm going to give a seminar on "Recent Trends in Virus & Anti-virus Strategies" as a part of my course work in my Post Graduation. I got two months of time. So, I want to fully utilize this period.I myself chosen this topic because I want to master this area.My target audience are computer literates but know nothing about computer viruses. So, I'm going to walk all the way from "What is a Computer Virus" to the current techniques used for detection & to avoid detection. I found two journals to know about the research in this field.Journal in Computer VirologyInformation Security Technical ReportOther than these two journals. Are there any sources (that I should be knowing. I'm still searching though.) to know about recent trends.I'm starting my reading from Wiki Article & its references & its external links.Since I'm no expert in this area. I want suggestions from you guys. I want to know if there are are any MUST reads (books, articles, research papers any thing that you may find will be useful to me) which I may not be aware of.My plan about what to cover in this is:

  1. Definitions & Clarifications of Virus lingo (malware , worm etc..)
  2. How Virus Works (basics)
  3. about Hosts of viruses
  4. Virus Infection strategies
  5. Methods to avoid detection
  6. Countermeasures by Antivirus for each of the above methods.
  7. Case Study of some sample viruses by disassembling the infected files.
  8. Demonstration by running an infected file in sandbox.

& What else?? Are there any tools I should be using?As I said, I want to demonstrate virus in action by using a sandbox. Which tool should I use?Any more suggestions to make this interesting & practical?I really want to put lot of effort into this and teach them what everything I learn't.

I recommend Virus Bulletin

I recommend Virus Bulletin archive:

http://www.virusbtn.com/virusbulletin/archive/index

ACM CCS is another

ACM CCS is another conference where a lot of good research is happening.

Anything from Ross Anderson or Fred Cohen

"Security Engineering", 2nd Ed.
Ross Anderson

The text introduces a way to think. Most folks who come here probably don't *need* "lessons" perse. But the scope of vulnerabilties and exploitation is fully covered. EMC from a keyboard or TEMPEST, social engineering, intro to crypto algorithms (their weaknesses and tradeoffs), network intrusion, even bump keys. Also, reasons why an OS known for vulnerability will remain as such, why AV apps from an OS vendor make no sense. Try his website http://www.cl.cam.ac.uk/~rja14/.

Fred Cohen's site: http://all.net/

Even the earlier work from each of these two remains relevent to novice and manager. Ross A. makes a point of identifying areas where research is needed and Fred's writing suggests an origin for Kevin Mitnick's techniques.

John

Good little paper to base something on....

Here is a good paper that describes delivery vehicles and social engineering techniques of malware:

http://download.microsoft.com/download/c/e/c/cecd00b7-fe5e-4328-8400-2550c479f95d/Social_Engineering_Modeling.pdf