Alfaisal Library

Your cart is empty.
Normal view MARC view ISBD view

Malware analysis and detection engineering : a comprehensive approach to detect and analyze modern malware / Abhijit Mohanta, Anoop Saldanha

By: Mohanta, Abhijit.
Contributor(s): Saldanha, Anoop | Ohio Library and Information Network.
Publisher: Berkeley, CA : APress, ©2020Description: 914 pages.Content type: text Media type: computer Carrier type: online resourceISBN: 9781484261927.Subject(s): Computer security | Malware (Computer software)Genre/Form: Print books.
Contents:
Part 1: Introduction -- Chapter 1. Introduction -- Chapter 2. Malware Analysis Lab Setup -- Part 2: OS and System Fundamentals -- Chapter 3. File and File Formats.-Chapter 4. Virtual Memory and the Portable Executable (PE) File -- Chapter 5. Windows Internals -- Part 3: Malware Components and Analysis -- Chapter 6. Malware Components and Distribution -- Chapter 7. Malware Packers -- Chapter 8. Persistence Mechanisms -- Chapter 9. Network Communication -- Chapter 10. Code Injection, Process Hollowing, and API Hooking -- Chapter 11. Stealth and Rootkits -- Part 4: Malware Analysis and Classification -- Chapter 12. Static Analysis -- Chapter 13. Dynamic Analysis -- Chapter 14. Memory Forensics With Volatility -- Chapter 15. Malware Payload Dissection and Classification -- Part 5: Malware Reverse Engineering -- Chapter 16. Debuggers and Assembly Language -- Chapter 17. Debugging Tricks for Unpacking Malware -- Chapter 18. Debugging Code Injection -- Chapter 19. Armoring and Evasion -- The Anti Techniques -- Chapter 20. File-less, Macros, and Other Malware Trends -- Part 6: Detection Engineering -- Chapter 21. Dev Analysis Lab Setup -- Chapter 22. Anti-Virus Engines -- Chapter 23. IDS/IPS and Snort/Suricata Rule Writing -- Chapter 24. Malware Sandbox Internals -- Chapter 25. Binary Instrumentation for Reversing Automation
Summary: Discover how the internals of malware work and how you can analyze and detect it. You will learn not only how to analyze and reverse malware, but also how to classify and categorize it, giving you insight into the intent of the malware. Malware Analysis and Detection Engineering is a one-stop guide to malware analysis that simplifies the topic by teaching you undocumented tricks used by analysts in the industry. You will be able to extend your expertise to analyze and reverse the challenges that malicious software throws at you. The book starts with an introduction to malware analysis and reverse engineering to provide insight on the different types of malware and also the terminology used in the anti-malware industry. You will know how to set up an isolated lab environment to safely execute and analyze malware. You will learn about malware packing, code injection, and process hollowing plus how to analyze, reverse, classify, and categorize malware using static and dynamic tools. You will be able to automate your malware analysis process by exploring detection tools to modify and trace malware programs, including sandboxes, IDS/IPS, anti-virus, and Windows binary instrumentation. The book provides comprehensive content in combination with hands-on exercises to help you dig into the details of malware dissection, giving you the confidence to tackle malware that enters your environment. You will: Analyze, dissect, reverse engineer, and classify malware Effectively handle malware with custom packers and compilers Unpack complex malware to locate vital malware components and decipher their intent Use various static and dynamic malware analysis tools Leverage the internals of various detection engineering tools to improve your workflow Write Snort rules and learn to use them with Suricata IDS "This book is a beast! If you're looking to master the ever-widening field of malware analysis, look no further. This is the definitive guide for you." Pedram Amini, CTO Inquest; Fo under OpenRCE.org and ZeroDayInitiative
    average rating: 0.0 (0 votes)

Part 1: Introduction -- Chapter 1. Introduction -- Chapter 2. Malware Analysis Lab Setup -- Part 2: OS and System Fundamentals -- Chapter 3. File and File Formats.-Chapter 4. Virtual Memory and the Portable Executable (PE) File -- Chapter 5. Windows Internals -- Part 3: Malware Components and Analysis -- Chapter 6. Malware Components and Distribution -- Chapter 7. Malware Packers -- Chapter 8. Persistence Mechanisms -- Chapter 9. Network Communication -- Chapter 10. Code Injection, Process Hollowing, and API Hooking -- Chapter 11. Stealth and Rootkits -- Part 4: Malware Analysis and Classification -- Chapter 12. Static Analysis -- Chapter 13. Dynamic Analysis -- Chapter 14. Memory Forensics With Volatility -- Chapter 15. Malware Payload Dissection and Classification -- Part 5: Malware Reverse Engineering -- Chapter 16. Debuggers and Assembly Language -- Chapter 17. Debugging Tricks for Unpacking Malware -- Chapter 18. Debugging Code Injection -- Chapter 19. Armoring and Evasion -- The Anti Techniques -- Chapter 20. File-less, Macros, and Other Malware Trends -- Part 6: Detection Engineering -- Chapter 21. Dev Analysis Lab Setup -- Chapter 22. Anti-Virus Engines -- Chapter 23. IDS/IPS and Snort/Suricata Rule Writing -- Chapter 24. Malware Sandbox Internals -- Chapter 25. Binary Instrumentation for Reversing Automation

Available to OhioLINK libraries

Discover how the internals of malware work and how you can analyze and detect it. You will learn not only how to analyze and reverse malware, but also how to classify and categorize it, giving you insight into the intent of the malware. Malware Analysis and Detection Engineering is a one-stop guide to malware analysis that simplifies the topic by teaching you undocumented tricks used by analysts in the industry. You will be able to extend your expertise to analyze and reverse the challenges that malicious software throws at you. The book starts with an introduction to malware analysis and reverse engineering to provide insight on the different types of malware and also the terminology used in the anti-malware industry. You will know how to set up an isolated lab environment to safely execute and analyze malware. You will learn about malware packing, code injection, and process hollowing plus how to analyze, reverse, classify, and categorize malware using static and dynamic tools. You will be able to automate your malware analysis process by exploring detection tools to modify and trace malware programs, including sandboxes, IDS/IPS, anti-virus, and Windows binary instrumentation. The book provides comprehensive content in combination with hands-on exercises to help you dig into the details of malware dissection, giving you the confidence to tackle malware that enters your environment. You will: Analyze, dissect, reverse engineer, and classify malware Effectively handle malware with custom packers and compilers Unpack complex malware to locate vital malware components and decipher their intent Use various static and dynamic malware analysis tools Leverage the internals of various detection engineering tools to improve your workflow Write Snort rules and learn to use them with Suricata IDS "This book is a beast! If you're looking to master the ever-widening field of malware analysis, look no further. This is the definitive guide for you." Pedram Amini, CTO Inquest; Fo under OpenRCE.org and ZeroDayInitiative

Copyright © 2020 Alfaisal University Library. All Rights Reserved.
Tel: +966 11 2158948 Fax: +966 11 2157910 Email: librarian@alfaisal.edu