Preparing video…

Malicious Software and its Underground Economy: Two Sides to Every Story

Learn about traditional and mobile malware, the security threats they represent, state-of-the-art analysis and detection techniques, and the underground ecosystem that drives such a profitable but illegal business.


Course at a Glance

About the Course

Cybercrime has become both more widespread and harder to battle. Researchers and anecdotal experience show that the cybercrime scene is becoming increasingly organized and consolidated, with strong links also to traditional criminal networks. Modern attacks are indeed stealthy and often profit oriented.

Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage.

By mixing a practical, hands-on approach with the theory and techniques behind the scene, the course discusses the current academic and underground research in the field, trying to answer the foremost question about malware and underground economy, namely, "Should we care?".

 Students will learn how traditional and mobile malware work, how they are analyzed and detected, peering through the underground ecosystem that drives this profitable but illegal business. Understanding how malware operates is of paramount importance to form knowledgeable experts, teachers, researchers, and practitioners able to fight back. Besides, it allows us to gather intimate knowledge of the systems and the threats, which is a necessary step to successfully devise novel, effective, and practical mitigation techniques.

Course Syllabus

Week One: Introduction to Malicious Software
Week Two: (A Glimpse at) Static Analysis and its Limitation
Week Three: (A Glimpse at) Dynamic Analysis and its Limitation
Week Four: Introduction to Mobile Malware Threats
Week Five: Specialized Underground Cybercrime
Week Six: Cybercrime economy (and its costs)

Recommended Background

Operating Systems, Computer Architecture, Computer Security Class (optional)

Course Format

The course materials will incorporate video/audio learning content with formative assessments and the addition of hands-on challenges to be completed by the students as self-assessed study.


  • How does this differ from a Computer Security class?

     “Computer Security” is more focused on teaching students how to design and build secure systems and write secure code. To this end, traditional software vulnerabilities and exploitation techniques are presented, leading eventually to a discussion of malware. Conversely, while such a class will likely touch on some software vulnerabilities and exploitation techniques too for completeness (as those are often the prelude to a malware infection nowadays), the overall goal here is at focusing on the analysis and detection of (traditional and mobile) malicious software, peering also through the underground ecosystem linked to it. The two classes are definitely complementary.

  • If I have not programmed before, can I still take the course?

    Probably not.

  • Where can I find out about more information regarding this subject and the University of London programmes?

    The content of this course is drawn from the extensive world renowned portfolio of flexible study programmes offered through the University of London International Programmes.  These programmes result from a collaboration between the University of London International Academy and 12 Colleges of the University of London.  Established in 1858, the International Programmes is the world’s oldest provider of flexible learning. Today there are 52,000 students in 180 countries studying  through the University of London International Programmes, for more than 100 qualifications at degree, higher education diploma and certificate level.  The University also works with a network of independent teaching centres worldwide, all of which provide teaching, tutoring and pastoral care. For more information please follow this link: