Malware Forensics: Investigating and Analyzing Malicious Code
Provisional Chinese title: 惡意程式取證:調查與分析惡意代碼
Cameron H. Malin, Eoghan Casey, James M. Aquilina
- Publisher: Syngress Media
- Publication date: 2008-06-01
- List price: $2,460
- Sale price: $1,968 (20% off list)
- Language: English
- Pages: 592
- Binding: Paperback
- ISBN: 159749268X
- ISBN-13: 9781597492683
Related categories: Linux, Information Security
Product description
Malware Forensics: Investigating and Analyzing Malicious Code covers the emerging and evolving field of "live forensics", in which investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss "live forensics" in the context of a particular operating system or in general terms, this book emphasizes a methodology for live forensics and evidence collection on both Windows and Linux operating systems, focused on identifying and capturing malicious code and evidence of its effect on the compromised system.
Malware Forensics: Investigating and Analyzing Malicious Code also devotes extensive coverage to the burgeoning forensic field of physical and process memory analysis on both Windows and Linux platforms. This book provides clear and concise guidance as to how to forensically capture and examine physical and process memory as a key investigative step in malicious code forensics.
Prior to this book, competing texts have described malicious code, accounted for its evolutionary history, and in some instances, dedicated a mere chapter or two to analyzing malicious code. Conversely, Malware Forensics: Investigating and Analyzing Malicious Code emphasizes the practical "how-to" aspect of malicious code investigation, giving deep coverage on the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more.
* Winner of Best Book Bejtlich read in 2008!
* http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html
* Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader.
* First book to detail how to perform "live forensic" techniques on malicious code.
* In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter.