Malicious Network Traffic Analysis

This course will teach you how to identify and analyze the most common types of reconnaissance, attack, lateral movement, exfiltration, and command and control traffic found in today’s networks. It covers a range of techniques from deep-packet analysis to statistical-flow analysis to open-source research and more, using tools such as Wireshark, NetworkMiner and RSA NetWitness Investigator as well as custom tools and scripts developed by our networking experts. Growing in complexity throughout the week, the course ends with a team exercise where you and your teammates will investigate and report on an extensive, multi-stage intrusion.

Attending students will learn

  • Strategic, Tactical and Operational Analysis
  • Situational Awareness
  • Current Networking Trends in Malware
  • IDS / IPS evasion techniques
  • Flow Analysis to help identify malicious behavior
  • Coordinated Attacks
  • Botnets
  • Browser Attacks (JavaScript, Obfuscation)
  • Drive-By-Downloads
  • OSI Layer 2, 3, 4, 5, 6, 7 Attacks
  • Social Engineering and Phishing Attacks
  • Tunneling and Advanced Tunneling

Who should attend

  • Threat operation analysts seeking a better understanding of network-based malware and attacks
  • Incident responders who need to quickly address a system security breach
  • Forensic investigators who need to identify malicious network attacks
  • Individuals who want to learn what malicious network activity looks like and how to identify it


  • Knowledge of IPv4 networking protocols is required
  • Skills and experience with Wireshark display filtering are required
  • Knowledge of RSA NetWitness is recommended
  • Attending students should have a thorough understanding of Microsoft Windows
  • Python scripting abilities would be beneficial
  • CompTIA’s Network+ and Security+ certifications would be beneficial, but are not required
