Introduction to Malware Analysis

Now we are more than halfway through the first quarter of our 3-quarter series working on our Capstone Project. I’ve been placed in a group with 4 others, working on a project titled Malware Analysis. This project was high on my list for preferred projects, and I still have a lot to learn about what goes into executing this analysis successfully.

In order to analyze malware, it is important to isolate oneself from the outside world. More precisely, it is important to isolate the malware in a virtual environment within one's computer so that it will have no effect on the host machine. The project specifications ask our group to create a series of virtual machines connected by a virtual network and analyze several kinds of malware both statically and dynamically. Static analysis is the study of malware without executing it, and dynamic analysis requires one to execute the software. The latter is the case where the importance of the virtual environment becomes apparent.

A few folks in my group have experience with building virtual environments. They came across this experience either at work or in another course at Oregon State, namely Defense Against the Dark Arts. I have no experience running ISOs in a hypervisor such as VMware Workstation and just as little experience connecting devices via a virtual network. These specific requirements of the project unsettled me at first because it is new technology for me, but my group has reassured me that the process of configuring a virtual environment is very straightforward. A group mate of mine has even put together a step-by-step walkthrough for us about how to do it. JT, it is much appreciated.

Around the same time I started this quarter, I had begun work as an IT Technician, a very low-level one. Surprisingly, much of my schooling didn't help all that much with my new job. Most of my education thus far has been in software, and this position focuses more on hardware such as thermal printers, as well as Active Directory, company-specific applications and networks. In my work I have discovered that some servers utilize VMware, a buzzword I have only become familiar with in this project. I am hoping that through my work on my Capstone Project my two worlds of academia and work will merge, and I will become a more rounded computer scientist because of it.