Malware Forensics: Investigating and Analyzing Malicious Code
Authors: Cameron H. Malin, Eoghan Casey, James M. Aquilina
Publisher: Syngress
Category: Book
List Price: $59.95 Buy New: $53.83 You Save: $6.12 (10%)
Buy New/Used from $53.83
Avg. Customer Rating:   (5 reviews) Sales Rank: 70961
Media: Paperback Number Of Items: 1 Pages: 592 Shipping Weight (lbs): 3.1 Dimensions (in): 9.1 x 7.5 x 1.7
ISBN: 159749268X Dewey Decimal Number: 005 EAN: 9781597492683 ASIN: 159749268X
Publication Date: June 23, 2008 Availability: Usually ships in 1-2 business days
Editorial Reviews:
Product Description
Malware Forensics: Investigating and Analyzing Malicious Code covers the emerging and evolving field of "live forensics," where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss "live forensics" on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised system. Malware Forensics: Investigating and Analyzing Malicious Code also devotes extensive coverage to the burgeoning forensic field of physical and process memory analysis on both Windows and Linux platforms. This book provides clear and concise guidance as to how to forensically capture and examine physical and process memory as a key investigative step in malicious code forensics. Prior to this book, competing texts have described malicious code, accounted for its evolutionary history, and in some instances, dedicated a mere chapter or two to analyzing malicious code. Conversely, Malware Forensics: Investigating and Analyzing Malicious Code emphasizes the practical "how-to" aspect of malicious code investigation, giving deep coverage of the design of a malicious code analysis lab, the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more.
After learning the tools and techniques covered in the book's earlier chapters, the final chapters of Malware Forensics: Investigating and Analyzing Malicious Code focus on using honeypots to collect malicious code in the wild and conducting technical profiling and threat assessment based upon malicious code analysis findings.
* Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader.
* First book to detail how to perform "live forensic" techniques on malicious code.
* Companion Web site provides working code for analysis.
* In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter.
Customer Reviews:
A must have for investigators and attorneys advising corporate clients (August 17, 2008)
This book is a must have for attorneys and investigators dealing with corporations victimized by internet criminals looking to steal the keys to the digital vault. It is the most complete treatment of the legal and investigative issues facing forensic investigators and corporate victims in determining the origins of the attack as well as its intent. Also, unlike most works in this area it provides analysis of the regulatory schemes both domestic and international which impact the nature and extent of these investigations. A must have resource.
soup to nuts (August 13, 2008)
I had been searching for a reference guide to help my company deal with some network anomalies and was recommended this book from a colleague.
Pros: Let me begin first by saying this is a very down-in-the-dirt detailed book and has certainly earned its spot on my desk. The book shows you not only how to pick your malware apart (I'm all about details and am the type of person that will want to know exactly what a piece of code did), but also how you could use the information you find to prosecute those pesky haxors. Like "uke92," I also liked the "alternative tools text boxes," as it allows me to play/shop around with all the tools available out there.
Cons: I would have liked to see this book broken up into two as I deal primarily with Windows systems. That way, I might have saved a few bucks. Other than that, can't wait to see what these guys put out next.
Remarkable (August 13, 2008)
With over 10 years in IT, I constantly look for quality reference materials to stay current. This is, without question, the most complete and readable malware book I have found. The examples and illustrations are direct and on point, allowing even those with less technical experience to understand the investigative process, while remaining highly relevant to seasoned IT professionals. Unlike most other work, this work provides the insight of the legal process that can only be gained from first hand experience. The author clearly has set the standard for computer forensics guides.
Simply a Must (August 12, 2008)
This book is an absolute must for anyone who is interested in malware forensics. This book is phenomenally detailed, and provides a step by step process to break down the malware, and get an amazing analysis from it. This book takes the reader into the mind of the author of the malicious code, and shows you how the code is supposed to act. This book is an absolute must for anyone who seeks to further their knowledge about investigating malicious code.
A Comprehensive Guide (August 9, 2008)
This book is an invaluable resource for understanding how to respond to malware incidents for both Windows and Linux based systems. In a step-by-step, case scenario based approach, the authors do a great job of guiding the reader from live response forensics, to memory analysis to "post-mortem forensics," and all the way through the analysis of the suspect code. Each chapter covers a variety of tools in-depth during the case scenario, and offers the reader plenty of alternative tools in text-boxes, which I particularly like. Although the book is dense with material and will certainly be my "go-to" desk reference for malware incidents, it is also an intriguing and entertaining read that I highly recommend.