Publication Date
2018
Document Type
Thesis
Committee Members
Michelle Cheatham (Advisor), Yong Pei (Committee Member), Mateen Rizki (Committee Member)
Degree Name
Master of Science (MS)
Abstract
Career opportunities for malware analysts are growing at a fast pace due to the evolving nature of cyber threats as well as the necessity to counter them. However, employers are often unable to hire analysts fast though due to a lack of the required skillset. Hence, the primary purpose of the thesis is to conduct a gap analysis between the binary analysis skills taught in universities with those that the recruiters are looking for. Malware can be analyzed using three main types of tools and techniques: high-level profiling, static analysis, and dynamic analysis. These methods provide detailed information about the functionality and behavior of the binary executable. To determine the relevant courses taught in universities, three different set of universities were used which consisted of the NSA accredited colleges, top universities in computer science, and top cybersecurity colleges across the world. Based on the analysis, it can be observed that there are few universities that offer cybersecurity programs, among which very few offer a course in malware analysis. To shortlist the skills necessary for career opportunities in the field of malware analysis, a list of job descriptions from three employment-related social networking sites: LinkedIn, Indeed, and Glassdoor was collected. From the inventory of job postings, it can be noticed that most of the openings require experience with malware and reverse engineering tools. The dataset of university courses was compared and paralleled with the dataset of job descriptions using three analysis methods: LDAviz tool, a word cloud generator, and a pie chart model. Based on the study, it can be concluded that though there are very few universities that teach cyber security analysis as part of their curriculum, they are exceptionally doing well in meeting the current needs of the industry. The only exception is a lack of coverage of topics like threat analysis, incident response, and computer forensics. However, it would be highly beneficial if all the schools could expand their programs and offerings in the field of Malware analysis so that young talent could easily fill these roles.
Page Count
69
Department or Program
Department of Computer Science and Engineering
Year Degree Awarded
2018
Copyright
Copyright 2018, some rights reserved. My ETD may be copied and distributed only for non-commercial purposes and may not be modified. All use must give me credit as the original author.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.
ORCID ID
0000-0001-5711-0647