Malware Forensics: Investigating and Analyzing Malicious Code by Cameron H. MalinMalware Forensics: Investigating and Analyzing Malicious Code by Cameron H. Malin

Malware Forensics: Investigating and Analyzing Malicious Code

byCameron H. Malin, Eoghan Casey, James M. Aquilina

Paperback | June 30, 2008

Pricing and Purchase Info

$96.01 online 
$102.50 list price save 6%
Earn 480 plum® points

Prices and offers may vary in store

Quantity:

In stock online

Ships free on orders over $25

Not available in stores

about

Malware Forensics: Investigating and Analyzing Malicious Codecovers the complete process of responding to a malicious code incident. Written by authors who have investigated and prosecuted federal malware cases, this book deals with the emerging and evolving field of live forensics, where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss live forensics on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised system. It is the first book detailing how to perform live forensic techniques on malicious code.

The book gives deep coverage on the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more. It explores over 150 different tools for malware incident response and analysis, including forensic tools for preserving and analyzing computer memory. Readers from all educational and technical backgrounds will benefit from the clear and concise explanations of the applicable legal case law and statutes covered in every chapter. In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter.

This book is intended for system administrators, information security professionals, network personnel, forensic examiners, attorneys, and law enforcement working with the inner-workings of computer memory and malicious code.



*Winner of Best Book Bejtlich read in 2008!
* http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html
* Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader.
* First book to detail how to perform "live forensic" techniques on malicous code.
* In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter
Cameron H. Malin is a Certified Ethical Hacker (C|EH) and Certified Network Defense Architect (C|NDA) as designated by the International Council of Electronic Commerce Consultants (EC-Council); a GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Forensic Analysis (GCFA), a GIAC Certified Incident Handler (GCIH), GIAC Certified Re...
Loading
Title:Malware Forensics: Investigating and Analyzing Malicious CodeFormat:PaperbackDimensions:592 pages, 9.25 × 7.5 × 0.68 inPublished:June 30, 2008Publisher:Syngress PublishingLanguage:English

The following ISBNs are associated with this title:

ISBN - 10:159749268X

ISBN - 13:9781597492683

Reviews

Table of Contents

Introduction
Chapter 1: Malware Incident Response: Volatile Data Collection and Examination on a Live Windows System
Chapter 2: Malware Incident Response: Volatile Data Collection and Examination on a Live Linux System
Chapter 3: Memory Forensics: Analyzing Physical and Process Memory Dumps for Malware Artifacts
Chapter 4: Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Windows Systems
Chapter 5: Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Linux Systems
Chapter 6: Legal Considerations
Chapter 7: File Identification and Profiling: Initial Analysis of a Suspect File on a Windows System
Chapter 8: File Identification and Profiling: Initial Analysis of a Suspect File On a Linux System
Chapter 9: Analysis of a Suspect Program: Windows
Chapter 10: Analysis of a Suspect Program: Linux
Index