HOME > Detail View

Detail View

Malware forensics : investigating and analyzing malicious code

Malware forensics : investigating and analyzing malicious code (Loan 6 times)

Material type
단행본
Personal Author
Aquilina, James M. Casey, Eoghan. Malin, Cameron H.
Title Statement
Malware forensics : investigating and analyzing malicious code / James M. Aquilina, Eoghan Casey, Cameron H. Malin.
Publication, Distribution, etc
Burlington, MA :   Syngress Publishing,   2008.  
Physical Medium
xxxvi, 874 p. : ill. ; 24 cm.
ISBN
159749268X 9781597492683
Bibliography, Etc. Note
Includes bibliographical references and index.
Subject Added Entry-Topical Term
Computer security. Computer viruses -- Identification. Computer crimes -- Investigation.
000 01087camuu2200301 a 4500
001 000045510315
005 20130214142521
008 080218s2008 maua b 001 0 eng d
020 ▼a 159749268X
020 ▼a 9781597492683
035 ▼a (KERIS)REF000015141876
040 ▼a YDXCP ▼c YDXCP ▼d BTCTA ▼d BAKER ▼d BWX ▼d CDX ▼d IXA ▼d AU@ ▼d 211009
050 4 ▼a QA76.9.A25 ▼b A68 2008
082 0 4 ▼a 005.84 ▼a 363.25968 ▼2 23
084 ▼a 005.84 ▼2 DDCK
090 ▼a 005.84 ▼b A656m
100 1 ▼a Aquilina, James M.
245 1 0 ▼a Malware forensics : ▼b investigating and analyzing malicious code / ▼c James M. Aquilina, Eoghan Casey, Cameron H. Malin.
260 ▼a Burlington, MA : ▼b Syngress Publishing, ▼c 2008.
300 ▼a xxxvi, 874 p. : ▼b ill. ; ▼c 24 cm.
504 ▼a Includes bibliographical references and index.
650 0 ▼a Computer security.
650 0 ▼a Computer viruses ▼x Identification.
650 0 ▼a Computer crimes ▼x Investigation.
700 1 ▼a Casey, Eoghan.
700 1 ▼a Malin, Cameron H.
945 ▼a KINS

Holdings Information

No. Location Call Number Accession No. Availability Due Date Make a Reservation Service
No. 1 Location Science & Engineering Library/Sci-Info(Stacks2)/ Call Number 005.84 A656m Accession No. 121182581 Availability Available Due Date Make a Reservation Service B M

Contents information

Book Introduction

Malware Forensics: Investigating and Analyzing Malicious Code covers the emerging and evolving field of "live forensics," where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss ?live forensics? on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised system.
Malware Forensics: Investigating and Analyzing Malicious Code also devotes extensive coverage of the burgeoning forensic field of physical and process memory analysis on both Windows and Linux platforms. This book provides clear and concise guidance as to how to forensically capture and examine physical and process memory as a key investigative step in malicious code forensics.
Prior to this book, competing texts have described malicious code, accounted for its evolutionary history, and in some instances, dedicated a mere chapter or two to analyzing malicious code. Conversely, Malware Forensics: Investigating and Analyzing Malicious Code emphasizes the practical ?how-to? aspect of malicious code investigation, giving deep coverage on the design of a malicious code analysis lab, the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more.
After learning the tools and techniques covered in the book?s earlier chapters, the final chapters of Malware Forensics: Investigating and Analyzing Malicious Code focus on using honeypots to collect malicious code in the wild and conducting technical profiling and threat assessment based upon malicious code analysis findings.

* Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader.
* First book to detail how to perform ?live forensic? techniques on malicous code.
* Companion Web site provides working code for analysis.
* In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter


Information Provided By: : Aladin

Table of Contents

Introduction
Chapter 1:Malware Incident Response: Volatile Data Collection and Examination on a Live Windows System
Chapter 2:Malware Incident Response: Volatile Data Collection and Examination on a Live Linux System
Chapter 3:Memory Forensics: Analyzing Physical and Process Memory Dumps for Malware Artifacts
Chapter 4:Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Windows Systems
Chapter 5:Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Linux Systems
Chapter 6:Legal Considerations
Chapter 7:File Identification and Profiling: Initial Analysis of a Suspect File on a Windows System
Chapter 8:File Identification and Profiling: Initial Analysis of a Suspect File On a Linux System
Chapter 9:Analysis of a Suspect Program: Windows
Chapter 10:Analysis of a Suspect Program: Linux
Index


Information Provided By: : Aladin

New Arrivals Books in Related Fields