[an error occurred while processing this directive]
<meta NAME="ROBOTS" CONTENT="index,follow">
<meta NAME="keywords" CONTENT=" cybercriminal, computer, underground, information, engineering, department, corporate, countermeasures, ecosystem, stealing, economy, techniques, course, service, operations, understand, mitigation, actors, factor, effective, economic, botnet, university, malware, analysis, participant, against, detection, analysing, data, remaining, network, science, technical, aspects, legal, social, oxford, places, infection, traces, held, attacks, 22nd, malicious, organisations, increasingly, considerations, specialised, collaborate, nomenclature, spearphishing, introduction, profitable, endeavours, illustrate, monetisation, objectives, successful, polymorphic, sensitive, financial, metamorphic, requirements, introduce, frequency, surrounding, becoming, internet, execution, programmes, ransomware, criminal, focusing, hacktivism, laundering, strategy, additional, cybercrime, normally, technology, generated, concepts, affiliate, problem, scareware, affected, example, espionage, sponsored, emerged, provide, towards, success, antivirus, intrusion, contents, takedowns, taxonomy, research, education, knowledge, activity, infected, analyse, targeted, breaches, infect, complex, entire, around, history, detail, ethical, required, evading, banking">
<meta name="DESCRIPTION" content="Understanding and Mitigating Malware course Malware is increasingly becoming a key problem for organisations and Internet users Cybercriminals infect computers with malware and use them for their own gain, for example by stealing sensitive financial information or corporate data This ecosystem has become so profitable that an entire underground economy has emerged around it, in which specialised actors provide services to each other and collaborate towards the success of these criminal endeavours In this course, we will cover malware and cybercriminal operations in detail, focusing on both the engineering and the social and economic aspects of malware operations We will then introduce mitigation techniques against malware operations, and illustrate what an effective mitigation strategy against malware operations looks like Frequency This course normally runs twice a year ">


<meta name="Edited" content="Wed, 21 May 2025 17:45:02 GMT">
<meta name="Published" content="Wed, 21 May 2025 17:45:06 GMT">

<title>Software Engineering at Oxford | Understanding and Mitigating Malware ( MAL )</title>

<!-- icon -->
<link rel="shortcut icon" type="image/ico" href="../favicon.ico">

<script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript"></script>
<script type="text/javascript">_uacct = "UA-1306673-1";urchinTracker();/*UA-579489-1*/</script>
<META name="verify-v1" content="CwYQSB0rDIbG5v7tQy+2xKxvNEoOxCNSFYYF7mSW7bo=" />
[an error occurred while processing this directive]

<div id="breadcrumb">
   
   <ul class="mainnav">
      <li>
         <a href="/">Computer Science</a></li><li><a href="/softeng/">Software Engineering</a>
      </li>
      <li>
         <a href="/softeng/courses/">Courses</a>
      </li>
      <li>
         <a href="/softeng/courses/subjects.html">Subjects</a>
      </li>
      <li>
         <span class="youarehere">Understanding and Mitigating Malware ( MAL )</span>
      </li>
   </ul>
</div>


<!--
<span id="headerItem">
  <a href="../programme/contact.html" title="Contacts">Contact</a> | 
  <a href="../search/search.jsp" title="Search">Search</a> |
  <a href="../sitemap.html" title="Sitemap">Site map</a> | 
  <a href="https://www.softeng.ox.ac.uk/signin/" title="Sign in">Sign
  in</a>
</span>
-->

<div id="content">

<table cellpadding="0" cellspacing="0" border="0"><tr><td style="width: 75px"><div style="width: 75px;height: 75px"><div style="width: 55px;height: 55px; margin: 10px;-moz-box-shadow: 0px 5px 5px rgba(0,0,0,0.3), -2px 1px 5px rgba(0,0,0,0.3), 2px 1px 5px rgba(0,0,0,0.3); -webkit-box-shadow: 0px 5px 5px rgba(0,0,0,0.3), -2px 1px 5px rgba(0,0,0,0.3), 2px 1px 5px rgba(0,0,0,0.3); box-shadow: 0px 5px 5px rgba(0,0,0,0.3), -2px 1px 5px rgba(0,0,0,0.3), 2px 1px 5px rgba(0,0,0,0.3);-moz-border-radius: 8px;-webkit-border-radius: 8px; border-radius: 8px;" id="MALBg"><div style="font-size: 14px; font-weight: bold; text-align:center; position: relative; top: 20px; background-color: transparent; color: white">MAL</div></div></div></td><td style="vertical-align:middle"><h1>Understanding and Mitigating Malware</h1></td></tr></table>
      <div>
	
	<p><p>Malware is increasingly becoming a key problem for organisations and Internet users. Cybercriminals infect computers with malware and use them for their own gain, for example by stealing sensitive financial information or corporate data. This ecosystem has become so profitable that an entire underground economy has emerged around it, in which specialised actors provide services to each other and collaborate towards the success of these criminal endeavours. In this course, we will cover malware and cybercriminal operations in detail, focusing on both the engineering and the social and economic aspects of malware operations. We will then introduce mitigation techniques against malware operations, and illustrate what an effective mitigation strategy against malware operations looks like.</p>
<h4>Frequency</h4>
<p>This course normally runs twice a year.</p></p>
<h4>Course dates</h4>
<center>
<table style="margin-left: 20px" width="95%">
<tr><td width="22%" valign="top">16th June 2025</td><td valign="top">Oxford University Department of Computer Science - Held in the Department</td><td valign="top" width="33%">04 places remaining.</td></tr>
<tr><td width="22%" valign="top">22nd September 2025</td><td valign="top">Oxford University Department of Computer Science - Held in the Department</td><td valign="top" width="33%">11 places remaining.</td></tr>
<tr><td width="22%" valign="top">22nd June 2026</td><td valign="top">Oxford University Department of Computer Science - Held in the Department</td><td valign="top" width="33%">11 places remaining.</td></tr>
</table>
</center>
<h4>Objectives</h4>
<p><p>The successful participant will:</p>
<ul>
<li>Understand core concepts and nomenclature of malware and cybercriminal operations.</li>
<li>Be able to analyse malware analysis traces such as network traces and execution dumps to understand the nature of a malware infection on an affected computer.</li>
<li>Understand the technical, economic, and social aspects of malware operations. These aspects will allow the participant to understand how a single malware infection factors into the complex cybercriminal ecosystem.</li>
<li>Devise effective mitigation techniques against malware operations. These mitigation will be not only technical, but will also factor in economic, social, and legal aspects.</li>
</ul></p>
<h4>Contents</h4>
<p><dl>
<dt>Introduction on malware</dt>
<dd>history of malware, taxonomy of malware, botnets, ethical considerations on doing malware research, malware evading detection (polymorphic and metamorphic malware)</dd>
<dt>Malware analysis</dt>
<dd>analysing network traces generated by malware, analysing malicious code, analysing malicious activity on infected computers</dd>
<dt>What is malware used for</dt>
<dd>email spam and affiliate programmes, information stealing malware, banking malware, ransomware, denial of service, scareware, click fraud</dd>
<dt>Targeted attacks</dt>
<dd>spearphishing, data breaches, corporate espionage, state-sponsored attacks, Hacktivism</dd>
<dt>Malware monetisation</dt>
<dd>the underground economy surrounding malware, money laundering schemes, additional actors in the cybercrime ecosystem</dd>
<dt>Malware mitigation</dt>
<dd>antivirus technology, intrusion detection systems, engineering countermeasures, botnet takedowns, economic countermeasures, legal countermeasures, education countermeasures</dd>
</dl></p>
<h4>Requirements</h4>
<p>No prior knowledge is required to attend this course.</p>

	
      </div>

<br>

    
[an error occurred while processing this directive]

<!--  mainnav div starts -->
<div id="nav">     
 <h2 id="mainsections">Main sections</h2>
 
 <h2 id="inthissection">Programme</h2>
 <ul class="mainnav" >
  <li>
   <a href="../" title="Return to the Home page" class="menu" >Home</a>
  </li>
  <li>
   <a href="../programme/index.html" title="About the programme" class="menu">About</a>
  </li>
  <li>
   <a href="../programme/history.html" title="The history of the Programme"  class="menu">History</a>
  </li>
  <li>
   <a href="../programme/people.html" title="The people involved" class="menu">People</a>
  </li>
  <li>
   <a href="http://www.cs.ox.ac.uk" title="Department of Computer Science" class="menu">Department</a>
  </li>
  <li>
   <a href="../programme/contact.html" title="Getting in touch" class="menu">Contact us</a>
  </li>
  </ul>
  
  
  <h2 id="inthissection">Courses</h2>
  <ul class="mainnav">
  <li>
   <a href="../courses/" title="About the courses" class="menu">About</a>
  </li>
  <li>
   <a href="../courses/subjects.html" title="Subjects offered" class="currentsection">Subjects</a>
  </li>
  <li>
   <a href="../courses/calendar.html" title="Course dates" class="menu">Calendar</a>
  </li>
  <li>
   <a href="../courses/booking.html" title="How to book a place on a course" class="menu">Booking</a>
  </li>
  </ul>
  
  
  <h2 id="inthissection">Study</h2>
  <ul class="mainnav">
  <li>
   <a href="../study/" title="Flexible, postgraduate study" class="menu">About</a>
  </li>
  <li>
   <a href="../study/awards.html" title="Academic awards" class="menu">Awards</a>
  </li>
  <li>
   <a href="../study/fees.html" title="University fees" class="menu">Fees</a>
  </li>
  <li>
   <a href="../study/apply.html" title="How to apply" class="menu">Applications</a>
  </li>
  <li>
   <a href="../study/collegiate.html" title="Collegiate University" class="menu">Colleges</a>
  </li>
  </ul>
  
  
  <h2 id="inthissection">Resources</h2>
  <ul class="mainnav">
  <li>
   <a href="../handbook/" title="Handbook" class="menu">Handbook</a>
  </li>
  <li>
   <a href="../brochures/" title="Brochures" class="menu">Brochures</a>
  </li>
 </ul>



[an error occurred while processing this directive]