
E-book: Advanced Malware Analysis

  • Format: PDF+DRM
  • Publication date: 05-Sep-2015
  • Publisher: McGraw-Hill Professional
  • Language: eng
  • ISBN-13: 9780071819756
  • Price: 74,88 €*
  • * the price is final, i.e. no further discounts apply
  • This e-book is intended for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital Rights Management (DRM)
    The publisher has issued this e-book in encrypted form, which means that to read it you must install special software. You must also create an Adobe ID. More information here. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorised with the same Adobe ID).

    Required software
    To read on a mobile device (phone or tablet) you must install this free application: PocketBook Reader (iOS / Android)

    To read on a PC or Mac you must install Adobe Digital Editions (this is a free application made specifically for reading e-books; it should not be confused with Adobe Reader, which is probably already installed on your computer).

    This e-book cannot be read on an Amazon Kindle.

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.

A one-of-a-kind guide to setting up a malware research lab, using cutting-edge analysis tools, and reporting the findings.

Advanced Malware Analysis is a critical resource for every information security professional's anti-malware arsenal. The proven troubleshooting techniques will give an edge to information security professionals whose job involves detecting, decoding, and reporting on malware.

After explaining malware architecture and how it operates, the book describes how to create and configure a state-of-the-art malware research lab and gather samples for analysis. Then, you'll learn how to use dozens of malware analysis tools, organize data, and create metrics-rich reports.
  • A crucial tool for combatting malware, which currently hits each second globally
  • Filled with undocumented methods for customizing dozens of analysis software tools for very specific uses
  • Leads you through a malware blueprint first, then lab setup, and finally analysis and reporting activities
  • Every tool explained in this book is available in every country around the world
Table of Contents

Foreword xv
Acknowledgments xvii
Introduction xix

Part I Malware Blueprint

Chapter 1 Malware Analysis 101 3(22)
  Malware Analysis 4(16)
    Malware Analysis and Reverse Engineering 5(1)
    Types of Malware Analysis 5(3)
    Purpose of Malware Analysis 8(3)
    Limitations of Malware Analysis 11(2)
    The Malware Analysis Process 13(7)
  The Effective Malware Analyst 20(2)
    Familiarization with Malware 21(1)
    Familiarization with Analysis Tools 21(1)
    Patience 22(1)
  Recap 22(3)

Chapter 2 Malware Taxonomy 25(24)
  Malware Classes 26(21)
    Infectors 28(9)
    Network Worms 37(3)
    Trojan Horse 40(1)
    Backdoors 40(1)
    Remote-Access Trojan 40(1)
    Information Stealers 41(1)
    Ransomware 42(1)
    Scareware 43(1)
    Fakeware 44(1)
    Greyware 45(2)
  Recap 47(2)

Chapter 3 Malware Deployment 49(18)
  Malware Infection Vectors 51(3)
    Speed 51(1)
    Stealth 52(1)
    Coverage 53(1)
    Shelf Life 54(1)
  Types of Malware Infection Vectors 54(11)
    Physical Media 55(1)
    E-mails 56(1)
    Instant Messaging and Chat 57(1)
    Social Networking 58(2)
    URL Links 60(1)
    File Shares 61(1)
    Software Vulnerabilities 61(4)
  Potential Infection Vectors 65(1)
  Recap 65(2)

Chapter 4 Protective Mechanisms 67(22)
  The Two States of Malware 68(2)
    Static Malware 69(1)
    Dynamic Malware 69(1)
  Protective Mechanisms 70(17)
    Static Malware Protective Mechanisms 71
    Dynamic Malware Protective Mechanisms 19(68)
  Recap 87(2)

Chapter 5 Malware Dependencies 89(20)
  Dependency Types 91(15)
    Environment Dependencies 92(4)
    Program Dependencies 96(2)
    Timing Dependencies 98(1)
    Event Dependencies 99(1)
    User Dependencies 100(5)
    File Dependencies 105(1)
  Recap 106(3)

Part II Malware Research Lab

Chapter 6 Malware Collection 109(38)
  Your Own Backyard 111(9)
    Scan for Malicious Files 112(1)
    Look for Active Rootkits 113(1)
    Inspect Startup Programs 114(3)
    Inspect Running Processes 117(1)
    Extract Suspicious Files 118(2)
  Free Sources 120(17)
    Contagio 120(2)
    KernelMode.info 122(1)
    MalShare.com 123(1)
    Malware.lu 124(1)
    Malware Blacklist 124(2)
    Malwarebytes Forum 126(1)
    Malekal's Forum 127(1)
    Open Malware 127(5)
    Tuts4You 132(1)
    VirusShare.com 132(2)
    VX Heaven 134(1)
    Malware Trackers 134(3)
    Research Mailing Lists 137(1)
    Sample Exchange 138(1)
  Commercial Sources 138(1)
  Honeypots 139(5)
    Dionaea 140(4)
  Recap 144(1)
  Tools 145(2)

Chapter 7 Static Analysis Lab 147(40)
  The Static Analysis Lab 148(3)
    Host File Inspection Tools 149(1)
    Mitigate Possible Infection 149(1)
    Mitigate Becoming a Malware Staging Point 150(1)
    Anonymous Communication 150(1)
  Setting Up the Lab 151
    Choose the Hardware 151(1)
    Install the Operating System 152(11)
    Harden the Lab 163(9)
    Anonymize the Lab 172(6)
    Isolate the Lab 178
  The Virtualized Static Analysis Lab 118(64)
  Backing Up and Restoring 182(1)
  Recap 183(1)
  Tools 184(3)

Chapter 8 Dynamic Analysis Lab 187(44)
  Setting Up the Lab 188(27)
    Choose the Hardware 189(1)
    Install the Operating System 190(8)
    Make the Lab Malware Friendly 198(16)
    Anonymize the Lab 214(1)
    Isolate the Lab 214(1)
  Restoring to a Clean State 215(3)
    Virtualized Environment Clean State Restoration 215(2)
    Bare-Metal Environment Clean State Restoration 217(1)
  Backing Up and Restoring 218(8)
    The Golden Image 218(1)
    Host OS 219(1)
    Other Systems Supporting the Lab 220(6)
  Recap 226(1)
  Tools 226(5)

Part III Malware Inspection

Chapter 9 The Portable Executable File 231(38)
  The Windows Portable Executable File 233(35)
    The PE File Format 235(24)
    Relative Virtual Address 259(1)
    PE Import Functions 260(3)
    PE Export Functions 263(4)
    64-Bit PE File Format 267(1)
  Recap 268(1)
  Tools 268(1)

Chapter 10 The Proper Way to Handle Files 269(28)
  File's Analysis Life Cycle 270(25)
    Transfer 271(19)
    Analysis 290(1)
    Storage 290(5)
  Recap 295(1)
  Tools 295(2)

Chapter 11 Inspecting Static Malware 297(20)
  Static Analysis Techniques 298(17)
    ID Assignment 299(1)
    File Type Identification 300(3)
    Antivirus Detection 303(7)
    Protective Mechanisms Identification 310(3)
    PE Structure Verification 313(1)
    Strings Analysis 313(2)
  Recap 315(1)
  Tools 315(2)

Chapter 12 Inspecting Dynamic Malware 317(38)
  Virtual vs. Bare Metal 318(1)
  Dynamic Analysis 319(33)
    Analyzing Host Behavior 319(29)
    Analyzing Network Behavior 348(4)
  Dynamic Analysis Limitations 352(1)
  Recap 353(1)
  Tools 353(2)

Chapter 13 Tools of the Trade 355(132)
  Malware Analysis Use Cases 356(1)
  Malware Analyst Toolbox 357(1)
  Tools of the Trade 357(125)
    Sysinternals Suite 357(1)
    Yara 358(6)
    Cygwin 364(3)
    Debuggers 367(2)
    Disassemblers 369(1)
    Memory Dumpers 369(1)
    PE Viewers 370(1)
    PE Reconstructors 371(34)
    Malcode Analyst Pack 405(1)
    Rootkit Tools 406(1)
    Network Capturing Tools 407(62)
    Automated Sandboxes 469(11)
    Free Online Automated Sandbox Services 480(2)
  Recap 482(1)
  Tools 483

Part IV Appendixes

Appendix A Tools List 487(8)
Appendix B List of Laboratories 495(4)
Appendix C Volatility Framework Basic Plug-ins 499(6)
Index 505

Christopher C. Elisan, a seasoned reverse engineer and malware researcher, is the principal malware scientist at RSA NetWitness. He frequently contributes expert opinion about malware, botnets, and advanced persistent threats for leading publications, including USA Today, InformationWeek, and Dark Reading.