Content + Structure
Forensic analysis of Malware and malicious code
- SAS
Malware Forensics
This course teaches the forensic analysis of Malware and malicious code.
Participants will learn malware identification and family categorization, DLL hooking and injection. Further topics include botnet architectures, analysis of configuration files, and strategies for sinkholing and disrupting botnets.
Start your continuing education in June 2026.
Factsheet
- Degree/Certificate Short Advanced Stories (SAS) in Malware Forensics
- Duration 5 days
-
Schedule
Dates on request, June 2026
08.30–16.30 - ECTS credits 3 ECTS-Credits
- Costs CHF 2'500
- Teaching language English
-
Location
Biel, Aarbergstrasse 46
Partly onsite, partly remote course - School School of Engineering and Computer Science
- Next session June 2026
Short Advanced Studies (SAS)
Short Advanced Studies (SAS) are courses that take 30 to 160 hours (1 to 9 ECTS – can be credited towards DAS or MAS). Participants acquire in-depth, industry-relevant insights and skills on current topics in a short space of time. Students who do not wish to take SAS competency assessments are awarded a course certificate (no ECTS in that case).
Portrait
The digital transformation of society is affecting crime, criminals and criminal investigation. New cyber criminal methods using advanced technical tools and exploitation are an opportunity for criminals and a challenge for investigators. Technically complex illegal activities are being sold as services to less skilled criminals, increasing the challenge of fighting cybercrime. On the other hand, criminals face challenges trying to hide and avoid attribution. The large amount of digital traces stored across multiple locations creates an opportunity for criminal investigators.
Crime scenes are also changing. With the growth of cybercrime, crime scenes are becoming virtual, global, and multi-jurisdictional. Investigating a trans-national cyber crime scene requires investigative tools to remotely gather information, and also collaboration between entities in both the public and private sectors.
Modern physical crime scenes have a comprehensive set of digital evidence sources. In addition to PCs and notebooks, digital evidence traces can be found in mobiles, IoT devices, automobiles, smart control systems, data stored with cloud providers, and distributed on servers across the Internet. With the increase in digital and online payment systems, financial transactions are also becoming an important digital evidence source, especially in financially motivated crimes.
Career opportunities
The DFCI program will prepare students for career opportunities in a variety of organizations:
- Law enforcement – Federal agencies, KAPOs
- Military and government – CERTs, cyber-troops
- Finance industry – fraud/cybercrime investigation teams
- Insurance industry – cyber insurance claims investigation
- Large enterprises – security and incident response teams
- Consultancy and audit – e-Discovery, accounting, «Big Four»
- IT security service providers and product vendors
- Private boutique digital forensic and investigation firms
Continuing education at a glance
Content
- Static and dynamic binary analysis techniques
- Debuggers, disassembly, sandboxes, basic reverse engineering
- Malware identification and family categorization
- DLL hooking and injection
- Man-in-the-browser, web injection
- Malware persistence, hiding and obfuscation
- Botnet architectures, bot configuration files
- Botnet sink-holes and disruption
Degree + Title
Short Advanced Studies (SAS) in «Malware Forensics»
Requirements + admission
Find out which professionals this course is designed for and what requirements you need to meet.
Entrance Requirements
Degree from a university or higher professional education (HF, federal diploma). Professional experience in the field of cyber security / forensics.
Target audience
The Digital Forensics & Cyber Investigation Short advanced studies are designed for two groups of professionals:
- Experienced forensic investigators who want to increase their technical skills in digital forensics and cyber investigations.
- Experienced engineers and technicians who want to transition into the field of digital forensics and cyber investigations.
Infoevent and Course guidance
Do you have questions about continuing education? We will be happy to answer your questions.
Course guidance
Choosing a basic or continuing education programme is an important decision when planning your professional career. We will be happy to answer your questions and clarify your personal requirements for the desired continuing education during an individual consultation.
Location
This course is held partly on site at Aarbergstrasse 46 in Biel/Bienne and partly remote.
Switzerland Innovation Park Biel/Bienne (SIPBB)
A location with many advantages
- Classrooms within two minutes walking distance from Biel/Bienne railway station
- Ideal train connections from Bern’s main railway station (every 15 minutes) and from Bern Wankdorf (every 30 minutes)
- State-of-the-art infrastructure in the new SIPBB building
- Various catering options in the immediate vicinity
- Innovation and networking events
And that’s not all! Biel/Bienne is…
- an innovation hotspot,
- a university city,
- an industrial and service city with numerous major players in the watchmaking, mechanical engineering, precision engineering and medical technology industries and major representatives of the communications and telecommunications sectors,
- bordered by Lake Biel and its wide range of sports and leisure facilities,
- a city that embodies bilingualism,
- a town with a vibrant cultural life.
Biel Aarbergstrasse 46 (Switzerland Innovation Park Biel/Bienne)
Digital Forensics & Cyber Investigation Short Advanced Studies
The Digital Forensics & Cyber Investigation (DFCI) professional courses offer a choice of Digital Forensics and Cyber Investigation modules. They are held as one-week full-time intensive courses, making it easier to attend and faster to complete. The courses are taught in English by internationally recognised experts in the field.
