Studying at the University of Verona
Here you can find information on the organisational aspects of the Programme, lecture timetables, learning activities and useful contact details for your time at the University, from enrolment to graduation.
Study Plan
This information is intended exclusively for students already enrolled in this course.If you are a new student interested in enrolling, you can find information about the course of study on the course page:
Laurea magistrale in Ingegneria e scienze informatiche - Enrollment from 2025/2026The Study Plan includes all modules, teaching and learning activities that each student will need to undertake during their time at the University.
Please select your Study Plan based on your enrollment year.
1° Year
2° Year activated in the A.Y. 2022/2023
| Modules | Credits | TAF | SSD |
|---|
| Modules | Credits | TAF | SSD |
|---|
| Modules | Credits | TAF | SSD |
|---|
4 modules among the following2 modules among the following3 modules among the followingLegend | Type of training activity (TTA)
TAF (Type of Educational Activity) All courses and activities are classified into different types of educational activities, indicated by a letter.
Malware (2021/2022)
Teaching code
4S003738
Credits
6
Language
Italian
Scientific Disciplinary Sector (SSD)
INF/01 - INFORMATICS
The teaching is organized as follows:
Teoria
Laboratorio
Learning outcomes
The course aims to provide the theoretical and practical bases of the malevolent code. In particular, the course proposes techniques for the definition and classification of malicious code, analysis of malicious code and risk management. At the end of the course, the student will have the necessary knowledge to understand the nature and evolution of the malicious code, anti-detection techniques and risk profiles. Furthermore, it will be able to perform reverse engineering of malicious code, identifying its essential components. This knowledge will allow the student to classify the threats and their evolution deriving from malicious code based attacks. The student will then be able to continue his/her studies autonomously in the field of computer security, studying new malicious codes and the respective countermeasures to mitigate their effects.
Program
Types of Malware
Cyber Kill Chain of a Malware attack
Introduction to malware analysis
How to set up a VM to perform malware analysis
Basic static analysis
Portable Executable Format
Static analysis of Portable Executable Format with PEStudio
Analyzing the behavior of a malware based on imported APIs
Basic Dynamic Analysis with Regshot and Procmon
Network Traffic Analysis with Wireshark
Assembly language for x86 architecture
Reverse engineering with IDA Freeware
Reverse engineering with Ghidra
Reverse engineering with x32dbg
Anti-Debugging techniques
Data encoding and obfuscation techniques
Code packing and encryption techniques
Analysis of malicious pdf documents
Analysis of malicious Office documents
Bibliography
Examination Methods
Students will be assessed based on a project and an oral examination. The project requires to perform:
- Basic static and dynamic analysis of a Windows malware
- Network traffic analysis of the malware
- Reverse engineering of one of the malware functions indicated by the teacher
- Basic static analysis of a malicious Office document
- Basic static analysis of a malicious pdf document
The project can be done in a group of maximum 2 students.
The analysis results have to be presented in a written report formatted according to the template provided by the teacher.
During the oral examination, the students will have to present the steps of the analysis using the virtual machines provided by the teacher. The teacher will ask questions on the performed analysis.
The teacher will publish an excel file detailing the dates and time slots available for oral examination. Students must register to take the oral exam filling their name near the chosen date and time slot.
At the end of the oral examination, the teacher will propose a mark in 30th.
