Tech Quarto
Search Advanced SearchView Cart   Checkout   
 Location:  Home » Windows » Encryption » Malware Forensics: Investigating and Analyzing Malicious Code  
Categories
Computer Science
The Internet
For Dummies
Web Browsers
Windows
Digital Culture
Multimedia
Mobile & Wireless
Subcategories
Mass Market
Trade
Related Categories
• Encryption
Security & Encryption
Web Development
Computers & Internet
Subjects
• Privacy
Business & Culture
Computers & Internet
Subjects
Books
• Network Security
Networking
Computers & Internet
Subjects
Books
• Information Systems
Software Engineering
Computer Science
Computers & Internet
Subjects
• General
Computers & Internet
Subjects
Books
• Forensics
Security & Encryption
Computers & Internet
Subjects
Books
• Paperback
Binding (binding)
Refinements
Books
• Printed Books
Format (feature_browse-bin)
Refinements
Books
Visit Laptop Nirvana for the best Cheap Discount Laptops

Malware Forensics: Investigating and Analyzing Malicious Code

Malware Forensics: Investigating and Analyzing Malicious Code

zoom enlarge 		Authors: Cameron H. Malin, Eoghan Casey, James M. Aquilina
Publisher: Syngress
Category: Book

List Price: $69.95
Buy New: $52.99
You Save: $16.96 (24%)



New (23) Used (11) from $49.95

Avg. Customer Rating: 5.0 out of 5 stars 9 reviews
Sales Rank: 40549

Media: Paperback
Number Of Items: 1
Pages: 592
Shipping Weight (lbs): 3.1
Dimensions (in): 9.1 x 7.5 x 1.7

ISBN: 159749268X
Dewey Decimal Number: 005
EAN: 9781597492683
ASIN: 159749268X

Publication Date: June 30, 2008
Availability: Usually ships in 1-2 business days
Condition: New Book. Fast Shipping.
Similar Items:

  • UNIX and Linux Forensic Analysis DVD Toolkit
  • The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler
  • Windows Forensic Analysis Including DVD Toolkit
  • The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
  • Mastering Windows Network Forensics and Investigation (Mastering)
Editorial Reviews:

Product Description
Malware Forensics: Investigating and Analyzing Malicious Code covers the emerging and evolving field of "live forensics," where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss ?live forensics? on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised system.
Malware Forensics: Investigating and Analyzing Malicious Code also devotes extensive coverage of the burgeoning forensic field of physical and process memory analysis on both Windows and Linux platforms. This book provides clear and concise guidance as to how to forensically capture and examine physical and process memory as a key investigative step in malicious code forensics.
Prior to this book, competing texts have described malicious code, accounted for its evolutionary history, and in some instances, dedicated a mere chapter or two to analyzing malicious code. Conversely, Malware Forensics: Investigating and Analyzing Malicious Code emphasizes the practical ?how-to? aspect of malicious code investigation, giving deep coverage on the design of a malicious code analysis lab, the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more.
After learning the tools and techniques covered in the book?s earlier chapters, the final chapters of Malware Forensics: Investigating and Analyzing Malicious Code focus on using honeypots to collect malicious code in the wild and conducting technical profiling and threat assessment based upon malicious code analysis findings.

* Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader.
* First book to detail how to perform ?live forensic? techniques on malicous code.
* Companion Web site provides working code for analysis.
* In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter

Customer Reviews:   Read 4 more reviews...

5 out of 5 stars Practical and essential for IT industry experts   October 1, 2008
As the sole network administrator in a small Internet startup, I am responsible for every facet of our IT department. In the past year, our network has encountered intrusions, mainly by vindictive ex-employees, and a myriad of viruses/trojans of which a few of our systems became zombie machines. Since our network has fallen prey to various malware, on several occasions I've been notified by law enforcement that our machines were a part of a bot net. Other times we were warned by PayPal, eBay, and other financial institutions such as Bank of America that we were hosting phishing web sites. Starting a company on limited funds and manpower as well as enduring the growing pains of maintaining a network are difficult enough by itself. A colleague from my prior company referred me this new book which he thought would be suitable to bring me up to speed on investigating malware. Together with my knowledge base and reading through several key chapters, performing a few practical hands on case scenarios, and building a live response tool kit, I feel confidant that I would be able to proficiently investigate and analyze most malware which I may encounter. At minimum, I would be able to assist or present to law enforcement my findings for further investigation.


5 out of 5 stars Something for Everyone   September 23, 2008
Relatively new to malware analysis and computer forensics, I was a bit concerned if this book would be helpful to me. I wanted a book that would serve as an introduction as well a reference guide, and this book hit the mark! Particularly useful is the book's coverage of both Windows and Linux, which makes it a nice universal reference. [Side note: As I'm primarily a Mac user, it would have been nice to see some Mac coverage as well, but maybe in the next edition?]
The book structure and flow is intuitive and I enjoyed following the case scenarios as the basis of demonstrating the tools and techniques Although the book covers each facet of the "malware forensics" process (live response, file profiling, etc) in great detail, and with the chapters building on each other, I found it pretty easy to jump ahead to other chapters too. The book web site, (www.malwareforensics.com) was not adverstised, but easy enough to find, considering the URL is simply the book title. The site serves a good reference to bookmark because it announces the release of new or updated tools and has a lot of links to other malware/forensic resources. Overall, I was pleasantly surprised with Malware Forensics and I'm looking forward to the 2nd edition!"



5 out of 5 stars Right book, right time   August 27, 2008
Malware Forensics by Aquilina, Casey and Malin, is one of those fortunate instances of a technical work being on the right topic at the right time. As increasing legions of personal computers are becoming possessed by an overwhelming variety of unsolicited "warez" which steal information, consume bandwidth, and poison OSs, it is refreshing to find a work such as this, which comprehensively treats the collection, identification and forensic analysis of a broad range of malicious code from the perspectives of both the security specialist and the law-enforcement professional. Particularly useful features of the book are the "Case Scenarios" which allow the reader to identify familiar patterns in the delivery system and behavior of malware examples, the "Analysis Tips" which are enormously helpful in avoiding wasted effort, and the guidance offered in Chapter 1 for the development of a customized toolkit. I was intrigued by the thorough treatment of Memory Forensics (Chapter 3) which, alone, offers ample justification for purchasing this work. I was also impressed by Chapters 2,5,8 and 10 which illustrate how useful Linux can be in isolating and analyzing malware. This book merits being read by every active IT security professional and of being kept as an important reference and instructional work. Kudos to Curtis Rose for bringing it together. Hopefully we'll hear more from these authors separately and/or together.

James C. Smith, Ph.D.


5 out of 5 stars Comprehensive resource for live response and analysis.   August 22, 2008
I couldn't agree more with the previous reviews...

With accuracy, detail, and clarity the authors were able to provide a resource that not only answers the needs of highly seasoned system administrators, but also caters to those who may work on the periphery of systems affected by malware. Any investigation into malcode forensics will be enhanced by referring to this book. The exploration of different forsensic tools available out there really expanded my toolbox. I found chapter six - "Legal Considerations" to be an excellent addition to this book. If you want to dive "full bore" into malware extraction, analysis, and identification, keep this book nearby and you'll find it streamlines the process for you. Thanks for the great book!


5 out of 5 stars A must have for investigators and attorneys advising corporate clients   August 17, 2008
This book is a must have for attorneys and investigators dealing with corporations victimized by internet criminals looking to steal the keys to the digital vault. It is the most complete treatment of the legal and investigative issues facing forensic investigators and corporate victims in determining the origins of the attack as well as its intent. Also, unlike most works in this area it provides analysis of the regulatory schemes both domestic and international which impact the nature and extent of these investigations. A must have resource.

Powered by Associate-O-Matic