Advanced Malware Traffic Analysis - Adaptive Defence. 2024 Edition

This intensive hands-on training provides students with the essential know-how to analyse malware traffic: the experience and knowledge of understanding malware behaviours on the network. Through exercises, students learn to recognise malicious connections, distinguish normal from malicious behaviours, and handle large traffic captures. The most important lesson of the training is not about how to use the tools. The goal is to transmit the experience of recognising malicious actions in the network, such as how malware hides, how to track it, and how to analyse traffic patterns to discard false positive connections. Students will execute their own malware, exploit active services, capture the traffic, and analyse it, with a special emphasis on real environments.