Copyright

Malware Analysis: Tools & Techniques

Instructor: Kaitlin Oglesby
It is not enough to prevent or just get rid of malware, but instead it is important to understand where it comes from and how it infects your systems. Malware analysis comprises a number of tools and techniques that allow administrators to do just that.

What is Malware Analysis?

Chances are that you are pretty familiar with malware, best defined as any sort of program that has the potential to do harm or otherwise compromise your computer or your data. Generally speaking, when you find malware, you are going to want to get rid of it as quickly as possible.

However, malware causes us to ask a number of questions. How did the malware get there? What damage could it have done? What damage did it do? These questions are crucial to the field of malware analysis, by which people try to figure out exactly what malware can do. Malware analysis is performed by everyone from network administrators to those who specialize in producing anti-malware software. In this lesson, we are going to look at some of the tools and techniques they use to perform this analysis.

Tools Used to Perform Malware Analysis

A number of tools exist to help experts perform malware analysis. The most crucial of these is a virtual machine, which allows a computer to be created inside of a computer. This means that an actual computer is not at risk every time a file needs to be analyzed. Additionally, there are a number of tools that allow analysts to figure out more about the malware in question. Many of these are in fact published by Microsoft, due to the fact that its Windows OS is the most frequent target of malware attacks. These tools can reduce an application back into a collection of code and analyze exactly what parts of an operating system were damaged as a result of the malware, and even highlight potential identifying characteristics of the malware that would allow it to be linked back to a publisher.

Techniques to Perform Malware Analysis

Before malware even becomes a threat, a crucial step that many companies should include to enrich their malware analysis is an incident response plan. This way, the company has a set method for identifying what malware has infected a system, what its impact was, and how it got there. Also, this requires a report, meaning that larger themes of malware infection across multiple computers can be identified.

To unlock this lesson you must be a Study.com Member.
Create your account

Register for a free trial

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use Study.com

Become a Study.com member and start learning now.
Become a Member  Back
What teachers are saying about Study.com
Free 5-day trial

Earning College Credit

Did you know… We have over 160 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? Study.com has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it free for 5 days!
Create an account
Support