The Art of Computer Virus Research and Defense

Book: The Art of Computer Virus Research and Defense 2019-07-30

Author: Peter Szor

Publisher: Addison Wesley Professional
Pub Date: February 03, 2005
ISBN: 0-321-30454-3
Language: English
Format: PDF
Pages: 744

Peter Szor is one of the best virus analysts in the world and has the perfect credentials to write this book. Unlike most books on computer viruses, The Art of Computer Virus Research and Defense is a reference written strictly for white hats: IT and security professionals responsible for protecting their organizations against malware. Peter Szor systematically covers everything you need to know, including virus behavior and classification, protection strategies, antivirus and worm-blocking techniques, and much more.

Szor presents the state-of-the-art in both malware and protection, providing the full technical detail that professionals need to handle increasingly complex attacks. Along the way, he provides extensive information on code metamorphism and other emerging techniques, so you can anticipate and prepare for future threats.

Szor also offers the most thorough and practical primer on virus analysis ever published, addressing everything from creating your own personal laboratory to automating the analysis process.
This book's coverage includes:
Discovering how malicious code attacks on a variety of platforms
Classifying malware strategies for infection, in-memory operation, self-protection, payload delivery, exploitation, and more
Identifying and responding to code obfuscation threats: encrypted, polymorphic, and metamorphic
Mastering empirical methods for analyzing malicious code—and what to do with what you learn
Reverse-engineering malicious code with disassemblers, debuggers, emulators, and virtual machines
Implementing technical defenses: scanning, code emulation, disinfection, inoculation, integrity checking, sandboxing, honeypots, behavior blocking, and much more
Using worm blocking, host-based intrusion prevention, and network-level defense strategies.

Strategies of the Attacker

Introduction to the Games of Nature
The Fascination of Malicious Code Analysis
Malicious Code Environments
Classification of Infection Strategies
Classification of In-Memory Strategies
Basic Self-Protection Strategies
Advanced Code Evolution Techniques and Computer Virus Generator Kits
Classification According to Payload
Strategies of Computer Worms
Exploits, Vulnerabilities, and Buffer Overflow Attacks

Strategies of the Defender

Antivirus Defense Techniques
Memory Scanning and Disinfection
Worm-Blocking Techniques and Host-Based Intrusion Prevention
Network-Level Defense Strategies
Malicious Code Analysis Techniques