Malware Forensics: Investigating & Analyzing Malicious Code (häftad)
Format
Häftad (Paperback)
Språk
Engelska
Antal sidor
674
Utgivningsdatum
2008-08-14
Förlag
SYNGRESS MEDIA
Medarbetare
H.Malin, Cameron / Casey, Eoghan / M.Aquilina, James
Illustratör/Fotograf
Approx 300 illustrations
Illustrationer
Approx. 300 illustrations
Dimensioner
134 x 191 x 40 mm
Vikt
1450 g
Antal komponenter
1
Komponenter
3:B&W 7.5 x 9.25 in or 235 x 191 mm Perfect Bound on White w/Gloss Lam
ISBN
9781597492683
Malware Forensics: Investigating & Analyzing Malicious Code (häftad)

Malware Forensics: Investigating & Analyzing Malicious Code

Investigating and Analyzing Malicious Code

Häftad Engelska, 2008-08-14
509
  • Skickas inom 10-15 vardagar.
  • Gratis frakt inom Sverige över 199 kr för privatpersoner.
Malware Forensics: Investigating and Analyzing Malicious Code covers the emerging and evolving field of "live forensics," where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss "live forensics" on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised system.
Malware Forensics: Investigating and Analyzing Malicious Code also devotes extensive coverage of the burgeoning forensic field of physical and process memory analysis on both Windows and Linux platforms. This book provides clear and concise guidance as to how to forensically capture and examine physical and process memory as a key investigative step in malicious code forensics.
Prior to this book, competing texts have described malicious code, accounted for its evolutionary history, and in some instances, dedicated a mere chapter or two to analyzing malicious code. Conversely, Malware Forensics: Investigating and Analyzing Malicious Code emphasizes the practical "how-to" aspect of malicious code investigation, giving deep coverage on the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more.

* Winner of Best Book Bejtlich read in 2008!
* http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html
* Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader.
* First book to detail how to perform "live forensic" techniques on malicous code.
* In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter
Visa hela texten

Passar bra ihop

  1. Malware Forensics: Investigating & Analyzing Malicious Code
  2. +
  3. The Psychology of Totalitarianism

De som köpt den här boken har ofta också köpt The Psychology of Totalitarianism av Mattias Desmet (inbunden).

Köp båda 2 för 762 kr

Kundrecensioner

Har du läst boken? Sätt ditt betyg »

Fler böcker av författarna

Övrig information

Cameron H. Malin is Special Agent with the Federal Bureau of Investigation assigned to a Cyber Crime squad in Los Angeles, California, where he is responsible for the investigation of computer intrusion and malicious code matters. Special Agent Malin is the founder and developer of the FBIs Technical Working Group on Malware Analysis and Incident Response. Special Agent Malin is a Certified Ethical Hacker (C|EH) as designated by the International Council of E-Commerce Consultants, a Certified Information Systems Security Professional (CISSP), as designated by the International Information Systems Security Consortium, a GIAC certified Reverse-Engineering Malware Professional (GREM), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), and a GIAC Certified Forensic Analyst (GCFA), as designated by the SANS Institute. Eoghan Casey is currently a computer security and computer crime consultant based in Baltimor, MD, USA. He was previously System Security Administrator for Yale University, and has received is B.A. in Mechanical Engineering from University of California, Berkeley and M.A. in Educational Communication and Technology from New York University. He is a frequent lecturer on computer security and computer crime and had contributed to the Encyclopedia of Forensic Science (Academic Press, December 2000), Criminal Profiling, 2E by Brent Turvey (Academic Press, May 2002), and written the Digital Evidence (Academic Press) and served as editor for the Handbook of Computer Crime Investigation (Academic Press). James M. Aquilina is the Managing Director and Deputy General Counsel of Stroz Friedberg, LLC, a consulting and technical services firm specializing in computer forensics; cyber-crime response; private investigations; and the preservation, analysis and production of electronic data from single hard drives to complex corporate networks. As the head of the Los Angeles Office, Mr. Aquilina supervises and conducts digital forensics and cyber-crime investigations and oversees large digital evidence projects. Mr. Aquilina also consults on the technical and strategic aspects of anti-piracy, antispyware, and digital rights management (DRM) initiatives for the media and entertainment industries, providing strategic thinking, software assurance, testing of beta products, investigative assistance, and advice on whether the technical components of the initiatives implicate the Computer Fraud and Abuse Act and anti-spyware and consumer fraud legislation. His deep knowledge of botnets, distributed denial of service attacks, and other automated cyber-intrusions enables him to provide companies with advice to bolster their infrastructure protection.

Innehållsförteckning

Introduction
Chapter 1:Malware Incident Response: Volatile Data Collection and Examination on a Live Windows System
Chapter 2:Malware Incident Response: Volatile Data Collection and Examination on a Live Linux System
Chapter 3:Memory Forensics: Analyzing Physical and Process Memory Dumps for Malware Artifacts
Chapter 4:Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Windows Systems
Chapter 5:Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Linux Systems
Chapter 6:Legal Considerations
Chapter 7:File Identification and Profiling: Initial Analysis of a Suspect File on a Windows System
Chapter 8:File Identification and Profiling: Initial Analysis of a Suspect File On a Linux System
Chapter 9:Analysis of a Suspect Program: Windows
Chapter 10:Analysis of a Suspect Program: Linux
Index