Malicious Software and its Underground Economy: Two Sides to Every Story

Learn about traditional and mobile malware, the security threats they represent, state-of-the-art analysis and detection techniques, and the underground ecosystem that drives such a profitable but illegal business.

About The Course

Cybercrime has become both more widespread and harder to battle. Researchers and anecdotal experience show that the cybercrime scene is becoming increasingly organized and consolidated, with strong links also to traditional criminal networks. Modern attacks are indeed stealthy and often profit oriented.

Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage.

By mixing a practical, hands-on approach with the theory and techniques behind the scene, the course discusses the current academic and underground research in the field, trying to answer the foremost question about malware and underground economy, namely, "Should we care?".

 Students will learn how traditional and mobile malware work, how they are analyzed and detected, peering through the underground ecosystem that drives this profitable but illegal business. Understanding how malware operates is of paramount importance to form knowledgeable experts, teachers, researchers, and practitioners able to fight back. Besides, it allows us to gather intimate knowledge of the systems and the threats, which is a necessary step to successfully devise novel, effective, and practical mitigation techniques.

Frequently Asked Questions

  • How does this differ from a Computer Security class?

     “Computer Security” is more focused on teaching students how to design and build secure systems and write secure code. To this end, traditional software vulnerabilities and exploitation techniques are presented, leading eventually to a discussion of malware. Conversely, while such a class will likely touch on some software vulnerabilities and exploitation techniques too for completeness (as those are often the prelude to a malware infection nowadays), the overall goal here is at focusing on the analysis and detection of (traditional and mobile) malicious software, peering also through the underground ecosystem linked to it. The two classes are definitely complementary.

  • If I have not programmed before, can I still take the course?

    Probably not.

  • Where can I find out about more information regarding this subject and the University of London programmes?

    The content of this course is drawn from the extensive world renowned portfolio of flexible study programmes offered through the University of London International Programmes.  These programmes result from a collaboration between the University of London International Academy and 12 Colleges of the University of London.  Established in 1858, the International Programmes is the world’s oldest provider of flexible learning. Today there are 52,000 students in 180 countries studying  through the University of London International Programmes, for more than 100 qualifications at degree, higher education diploma and certificate level.  The University also works with a network of independent teaching centres worldwide, all of which provide teaching, tutoring and pastoral care. For more information please follow this link: 

Recommended Background

Operating Systems, Computer Architecture, Computer Security Class (optional)