The Art of Mac Malware, Volume 2: Detecting Malicious Software
Tentative Chinese-language title: Mac 惡意軟體的藝術,第二卷:檢測惡意軟體

Wardle, Patrick

  • Publisher: No Starch Press
  • Publication date: 2025-02-25
  • List price: $2,200
  • Member price: 5% off, $2,090
  • Language: English
  • Pages: 376
  • Binding: Quality Paper (trade paperback)
  • ISBN-10: 1718503784
  • ISBN-13: 9781718503786
  • Imported title ordered from overseas (checked out separately)

Product description

This first-of-its-kind guide to detecting stealthy Mac malware gives you the tools and techniques to counter even the most sophisticated threats targeting the Apple ecosystem.

As renowned Mac security expert Patrick Wardle notes in The Art of Mac Malware, Volume 2, the substantial and growing number of Mac users, both personal and enterprise, has created a compelling incentive for malware authors to ever more frequently target macOS systems. The only effective way to counter these constantly evolving and increasingly sophisticated threats is through learning and applying robust heuristic-based detection techniques.

To that end, Wardle draws upon decades of experience to guide you through the programmatic implementation of such detection techniques. By exploring how to leverage macOS's security-centric frameworks (both public and private), diving into key elements of behavioral-based detection, and highlighting relevant examples of real-life malware, Wardle teaches and underscores the efficacy of these powerful approaches.

Across 14 in-depth chapters, you'll learn how to:

  • Capture critical snapshots of system state to reveal the subtle signs of infection
  • Enumerate and analyze running processes to uncover evidence of malware
  • Parse macOS distribution and binary file formats to detect malicious anomalies
  • Utilize code signing as an effective tool to identify malware and reduce false positives
  • Write efficient code that harnesses the full potential of Apple's public and private APIs
  • Leverage Apple's Endpoint Security and Network Extension frameworks to build real-time monitoring tools

This comprehensive guide provides you with the knowledge to develop tools and techniques, and to neutralize threats before it's too late.

About the author

Patrick Wardle is the founder of Objective-See, a nonprofit dedicated to creating free, open source macOS security tools and organizing the "Objective by the Sea" Apple security conference. Wardle is also the co-founder and CEO of DoubleYou, a cybersecurity startup focused on empowering the builders of Apple-focused security tools. Having worked at both NASA and the National Security Agency and having presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy.
