Objective: Analyze malware trends and infection points, as well as methods for analyzing malware. This will include describing what is involved in a malware analysis environment, including tools, techniques, emerging developments in malware analysis.
1. Develop and utilize policies, procedures, and technologies for incident analysis.
2. Incorporate analysis and response results into appropriate action plans, reporting information sharing, improvement cycles, and exposure elimination.
3. Incorporate analysis and response results into appropriate action plans, reporting, information sharing, improvement cycles, and exposure elimination.
4. Evaluate inter and intra organizational resources for incident investigation and response.
The use of computers and electronic devices to aid in the commission of crimes has seen explosive year over year growth. There is a high risk/reward potential for criminals in this environment compared to many other types of crimes. One of the tools of choice for criminals is malware, whether for theft of personal information, computing resources, or other forms of mischief.
Most organizations cease their effort once they have removed a malware threat or removed an infection. Our goal is to go much further and perform a full malware analysis of the incident. This means that we need a malware analysis procedures, environment, tools, and knowledge. Outline what is needed in terms of tools, procedures, and knowledge to analyze malware using both dynamic (behavioral) and static (code) analysis techniques - as well as identifying the potential vectors that delivered the payload that may allow for attribution. The trend in malware is toward memory resident payloads, often with little or no footprint beyond active memory. This can create a complex situation where a minor slip up can ruin any chance at proper analysis. Obtaining malware artifacts from the wild can be an elite skill that very few people possess, particularly when it is memory based.
Your malware analysis procedures should include who is responsible for responding to an incident, how a sample of the malware will be maintained for analysis, and how to determine scope. The malware analysis environment and tools needs to be able to handle a wide range of analysis capabilities including examining mobile malware infections. In addition to procedures and tools, the knowledge of the analyst is perhaps the most important factor in thorough and accurate analysis. Describe the critical skills that a proficient analyst should possess. Proper research and support of your arguments is an important aspect of this assignment.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also include a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also Include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.