Language:
繁體中文
English
日文
說明(常見問題)
南開科技大學
圖書館首頁
編目中圖書申請
登入
回首頁
切換:
標籤
|
MARC模式
|
ISBD
Malware forensicsinvestigating and analyzing malicious code /
紀錄類型:
書目-電子資源 : 單行本
正題名/作者:
Malware forensics/ James M. Aquilina, Eoghan Casey, Cameron H. Malin.
其他題名:
investigating and analyzing malicious code /
作者:
Aquilina, James M.
其他作者:
Casey, Eoghan.
出版者:
Burlington, MA :Syngress Publishing,2008
面頁冊數:
xxxvi, 874 p. :ill. ;24 cm.
標題:
Computer security. -
電子資源:
An electronic book accessible through the World Wide Web; click for information
電子資源:
An electronic book accessible through the World Wide Web; click for information
ISBN:
9780080560199 (electronic bk.)
ISBN:
0080560199 (electronic bk.)
ISBN:
9781597492683 (paper)
ISBN:
159749268X (paper)
Malware forensicsinvestigating and analyzing malicious code /
Aquilina, James M.
Malware forensics
investigating and analyzing malicious code /[electronic resource] :James M. Aquilina, Eoghan Casey, Cameron H. Malin. - Burlington, MA :Syngress Publishing,2008 - xxxvi, 874 p. :ill. ;24 cm.
Includes bibliographical references and index.
Introduction -- Chapter 1:Malware Incident Response: Volatile Data Collection and Examination on a Live Windows System -- Chapter 2:Malware Incident Response: Volatile Data Collection and Examination on a Live Linux System -- Chapter 3:Memory Forensics: Analyzing Physical and Process Memory Dumps for Malware Artifacts -- Chapter 4:Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Windows Systems -- Chapter 5:Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Linux Systems -- Chapter 6:Legal Considerations -- Chapter 7:File Identification and Profiling: Initial Analysis of a Suspect File on a Windows System -- Chapter 8:File Identification and Profiling: Initial Analysis of a Suspect File On a Linux System -- Chapter 9:Analysis of a Suspect Program: Windows -- Chapter 10:Analysis of a Suspect Program: Linux -- Index.
Malware Forensics: Investigating and Analyzing Malicious Code covers the emerging and evolving field of "live forensics," where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss "live forensics" on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised system. Malware Forensics: Investigating and Analyzing Malicious Code also devotes extensive coverage of the burgeoning forensic field of physical and process memory analysis on both Windows and Linux platforms. This book provides clear and concise guidance as to how to forensically capture and examine physical and process memory as a key investigative step in malicious code forensics. Prior to this book, competing texts have described malicious code, accounted for its evolutionary history, and in some instances, dedicated a mere chapter or two to analyzing malicious code. Conversely, Malware Forensics: Investigating and Analyzing Malicious Code emphasizes the practical "how-to" aspect of malicious code investigation, giving deep coverage on the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more. * Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader. * First book to detail how to perform "live forensic" techniques on malicous code. * In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter.
Electronic reproduction.
Amsterdam :
Elsevier Science & Technology,
2008.
Mode of access: World Wide Web.
ISBN: 9780080560199 (electronic bk.)Subjects--Topical Terms:
146870
Computer security.
Index Terms--Genre/Form:
172687
Electronic books.
LC Class. No.: QA76.9.A25 / A68 2008eb
Dewey Class. No.: 005.8
Malware forensicsinvestigating and analyzing malicious code /
LDR
:04435cmm 22003014a 4500
001
1000045982
003
OCoLC
005
20091026094528.0
006
m d
007
cr cn
008
081117s2008 maua sb 000 0 eng d
020
$a
9780080560199 (electronic bk.)
020
$a
0080560199 (electronic bk.)
020
$a
9781597492683 (paper)
020
$a
159749268X (paper)
035
$a
(OCoLC)272382245
035
$a
ocn272382245
040
$a
OPELS
$b
eng
$c
OPELS
050
1 4
$a
QA76.9.A25
$b
A68 2008eb
082
0 4
$a
005.8
$2
22{me_controlnum}
100
1
$a
Aquilina, James M.
$3
1000060497
245
0 0
$a
Malware forensics
$h
[electronic resource] :
$b
investigating and analyzing malicious code /
$c
James M. Aquilina, Eoghan Casey, Cameron H. Malin.
260
$a
Burlington, MA :
$b
Syngress Publishing,
$c
2008
300
$a
xxxvi, 874 p. :
$b
ill. ;
$c
24 cm.
504
$a
Includes bibliographical references and index.
505
0
$a
Introduction -- Chapter 1:Malware Incident Response: Volatile Data Collection and Examination on a Live Windows System -- Chapter 2:Malware Incident Response: Volatile Data Collection and Examination on a Live Linux System -- Chapter 3:Memory Forensics: Analyzing Physical and Process Memory Dumps for Malware Artifacts -- Chapter 4:Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Windows Systems -- Chapter 5:Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Linux Systems -- Chapter 6:Legal Considerations -- Chapter 7:File Identification and Profiling: Initial Analysis of a Suspect File on a Windows System -- Chapter 8:File Identification and Profiling: Initial Analysis of a Suspect File On a Linux System -- Chapter 9:Analysis of a Suspect Program: Windows -- Chapter 10:Analysis of a Suspect Program: Linux -- Index.
520
$a
Malware Forensics: Investigating and Analyzing Malicious Code covers the emerging and evolving field of "live forensics," where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss "live forensics" on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised system. Malware Forensics: Investigating and Analyzing Malicious Code also devotes extensive coverage of the burgeoning forensic field of physical and process memory analysis on both Windows and Linux platforms. This book provides clear and concise guidance as to how to forensically capture and examine physical and process memory as a key investigative step in malicious code forensics. Prior to this book, competing texts have described malicious code, accounted for its evolutionary history, and in some instances, dedicated a mere chapter or two to analyzing malicious code. Conversely, Malware Forensics: Investigating and Analyzing Malicious Code emphasizes the practical "how-to" aspect of malicious code investigation, giving deep coverage on the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more. * Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader. * First book to detail how to perform "live forensic" techniques on malicous code. * In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter.
533
$a
Electronic reproduction.
$b
Amsterdam :
$c
Elsevier Science & Technology,
$d
2008.
$n
Mode of access: World Wide Web.
$n
System requirements: Web browser.
$n
Title from title screen (viewed on Nov. 14, 2008).
$n
Access may be restricted to users at subscribing institutions.
650
0
$a
Computer security.
$3
146870
650
0
$a
Computer viruses
$x
Identification.
$3
1000060500
650
0
$a
Computer crimes
$x
Investigation.
$3
175300
655
7
$a
Electronic books.
$2
local.
$3
172687
700
1
$a
Casey, Eoghan.
$3
1000060498
700
1
$a
Malin, Cameron H.
$3
1000060499
710
2
$a
ScienceDirect (Online service)
$3
1000060142
856
4 0
$3
ScienceDirect
$u
http://www.sciencedirect.com/science/book/9781597492683
$z
An electronic book accessible through the World Wide Web; click for information
856
4 0
$3
Referex
$u
http://www.engineeringvillage.com/controller/servlet/OpenURL?genre=book&isbn=9781597492683
$z
An electronic book accessible through the World Wide Web; click for information
0 筆讀者評論
館藏地:
全部
線上資料庫
出版年:
卷號:
館藏
1 筆 • 頁數 1 •
1
條碼號
典藏地名稱
館藏流通類別
資料類型
索書號
使用類型
借閱狀態
預約人數
備註欄
附件
OE0040139
線上資料庫
線上資源
線上電子書
OE
一般(Normal)
在架
0
1 筆 • 頁數 1 •
1
多媒體
評論
新增評論
分享你的心得
建立或儲存個人書籤
書目轉出
取書館別
處理中
...
變更密碼
登入