A hands-on lab for macro malware detection using machine learning on virtual machines

Abstract

We developed a hands-on lab for students to learn macro malware detection using decision trees on an open sourced data analytics software, HPCC, running on a virtual machine. The labware along with required software and documents are freely available at our project website. Our design is low cost, customizable and can be easily replicated to other institutions. Our experience shows that students have difficulties in configuring software environment for the lab. The virtual machine approach allows pre-configurations for datasets and required software installations and setting to facilitate students' learning and instructors' teaching. Since students are working on malware, the virtual machine provides an isolated network environment for testing without affecting normal operating network. This lab design can also be integrated into online courses by simply downloading and installing the customized virtual machine.