Syllabus Application
CS 48008
Special Topics in CS: Malware Analysis and Detection
Faculty
Faculty of Engineering and Natural Sciences
Semester
Spring 2025-2026
Course
CS 48008 -
Special Topics in CS: Malware Analysis and Detection
Time/Place
Time
Week Day
Place
Date
10:40-13:30
Thu
FENS-L063
Feb 16-May 22, 2026
Level of course
Undergraduate
Course Credits
SU Credit:3, ECTS:6, Engineering:6
Prerequisites
CS 408
Corequisites
-
Course Type
Lecture
Instructor(s) Information
Orçun Çetin
- Email: orcun.cetin@sabanciuniv.edu
Course Information
Catalog Course Description
Introduction to Malware Analysis - Classification of Malware -Environment Setup for Safe Analysis -Malware Analysis in Virtual Machines Basic Analysis -Basic Static analysis -Basic Dynamic analysis Advanced Static Analysis -Reverse engineering basics - Review of x86 assembly -Disassembly with IDA Pro & other tools -Recognizing C Code Constructs in Assembly -Analyzing Malicious Windows Programs Advanced Dynamic Analysis -Debugging with OllyDbg & x32dbg -More hands on malware analysis practice Analyzing Java Binaries Analyzing .NET Malware Malware Analysis with Ghidra Malware Functionality Malware Behavior & Covert Malware Launching Analyzing Malware Obfuscation Malicious document analysis (PDF, docs, macros) Basics of Window operating system
Course Learning Outcomes:
| 1. | Comprehensive Malware Analysis Skills:Gain a deep understanding of malware, itsclassification, and its impact on computer systems. Develop the ability to performboth static and dynamic analysis, usingvarious tools and techniques, to dissect andunderstand the behavior of different typesof malware. |
|---|---|
| 2. | Reverse Engineering Proficiency: Master theart of reverse engineering, including x86assembly language, disassembly with toolslike IDA Pro, and recognizing high-levelprogramming language constructs inassembly. This skill is crucial for delvingdeep into malware code and uncovering itsfunctionality. |
| 3. | Advanced Dynamic Analysis andDebugging: Acquire advanced dynamicanalysis skills, including debugging withtools like OllyDbg and x32dbg. Learn todissect malware's runtime behavior,memory manipulation, and evasiontechniques, enabling you to effectivelyidentify and mitigate threats. |
| 4. | Understanding Windows Operating SystemInternals and File Formats: Gain a deepunderstanding of Windows operatingsystem internals, including its file systemstructures, registry, and API interactions.Learn to analyze and interpret variousWindows-specific file formats used bymalware, such as PE (Portable Executable)files, DLLs (Dynamic Link Libraries), andregistry hives. Develop the ability to identifyand extract critical information from theseformats, enabling comprehensive malwareanalysis and detection on the Windows platform. |
Course Objective
Sustainable Development Goals (SDGs) Related to This Course:
| Affordable and Clean Energy |
Course Materials
Resources:
Slides & Virtual Machine for malware analysis (Guide will be provided!)
Technology Requirements:
A laptop with at least 16 GB RAM and 70 GB of available storage is required.