Cargando…
The art of memory forensics : detecting malware and threats in Windows, Linux, and Mac memory /
"The Art of Memory Forensics" is a practical guide to the rapidly emerging investigative technique for digital forensics, incident response, and law enforcement. Memory forensics has become a must-have skill for combating the next era of advanced malware, targeted attacks, security breache...
| Clasificación: | Libro Electrónico |
|---|---|
| Autores principales: | , , , |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Indianapolis, IN :
Wiley,
[2014]
|
| Temas: | |
| Acceso en línea: | Texto completo |
MARC
| LEADER | 00000cam a2200000 i 4500 | ||
|---|---|---|---|
| 001 | EBOOKCENTRAL_ocn883892214 | ||
| 003 | OCoLC | ||
| 005 | 20240329122006.0 | ||
| 006 | m o d | ||
| 007 | cr |n||||||||| | ||
| 008 | 140718s2014 inua o 001 0 eng d | ||
| 040 | |a IDEBK |b eng |e pn |c IDEBK |d EBLCP |d YDXCP |d ORE |d E7B |d N$T |d DEBSZ |d OCLCQ |d TEFOD |d B24X7 |d COO |d WAU |d RECBK |d TEFOD |d OCLCF |d OCLCQ |d TEFOD |d OCLCQ |d K6U |d OCLCQ |d CNNOR |d OCLCQ |d CCO |d PIFFA |d FVL |d ZCU |d LIV |d MERUC |d OCLCQ |d U3W |d OCLCA |d STF |d OCLCQ |d RRP |d ICG |d INT |d VT2 |d OCLCQ |d WYU |d G3B |d OCLCQ |d TKN |d OCLCQ |d DKC |d OCLCQ |d UKAHL |d OCLCQ |d UK7LJ |d TXI |d OCLCO |d OCLCQ |d AJB |d OCLCQ |d OCLCO |d OCLCL | ||
| 016 | 7 | |a 016774654 |2 Uk | |
| 019 | |a 887825878 |a 961599461 |a 962702145 |a 1055355421 |a 1066422456 |a 1081268969 |a 1103275012 |a 1129347761 |a 1153000513 |a 1156055514 |a 1192332459 | ||
| 020 | |a 9781118825044 |q (electronic bk.) | ||
| 020 | |a 1118825047 |q (electronic bk.) | ||
| 020 | |a 9781306958387 |q (electronic bk.) | ||
| 020 | |a 1306958385 |q (electronic bk.) | ||
| 020 | |a 9781118824993 |q (electronic bk.) | ||
| 020 | |a 1118824997 |q (electronic bk.) | ||
| 020 | |z 9781118825099 |q (paperback) | ||
| 020 | |z 1118825098 |q (paperback) | ||
| 029 | 1 | |a AU@ |b 000053396288 | |
| 029 | 1 | |a CHNEW |b 000686270 | |
| 029 | 1 | |a CHNEW |b 000888190 | |
| 029 | 1 | |a DEBBG |b BV043610973 | |
| 029 | 1 | |a DEBSZ |b 410562734 | |
| 029 | 1 | |a NZ1 |b 15909373 | |
| 035 | |a (OCoLC)883892214 |z (OCoLC)887825878 |z (OCoLC)961599461 |z (OCoLC)962702145 |z (OCoLC)1055355421 |z (OCoLC)1066422456 |z (OCoLC)1081268969 |z (OCoLC)1103275012 |z (OCoLC)1129347761 |z (OCoLC)1153000513 |z (OCoLC)1156055514 |z (OCoLC)1192332459 | ||
| 037 | |a 627089 |b MIL | ||
| 037 | |a 1EBCE98B-D480-4F2B-817D-822560D30E3A |b OverDrive, Inc. |n http://www.overdrive.com | ||
| 050 | 4 | |a QA76.9.A25 |b L54 2014eb | |
| 072 | 7 | |a COM |x 043050 |2 bisacsh | |
| 082 | 0 | 4 | |a 363.25 |a 363.25/968 |a 363.25968 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Ligh, Michael Hale. | |
| 245 | 1 | 4 | |a The art of memory forensics : |b detecting malware and threats in Windows, Linux, and Mac memory / |c Michael Hale Ligh, Andrew Case, Jamie Levy, [and] Aaron Walters. |
| 246 | 3 | 0 | |a Detecting malware and threats in Windows, Linux, and Mac memory |
| 264 | 1 | |a Indianapolis, IN : |b Wiley, |c [2014] | |
| 264 | 4 | |c ©2014 | |
| 300 | |a 1 online resource (xxiii, 886 pages) : |b illustrations | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 500 | |a Includes index. | ||
| 505 | 0 | 0 | |g I. |t An introduction to memory forensics ; |t Systems overview -- |t Data structures -- |t The volatility framework -- |t Memory acquisition -- |g II. |t Windows memory forensics ; |t Windows objects and pool allocations -- |t Processes, handles, and tokens -- |t Process memory internals -- |t Hunting malware in process memory -- |t Event logs -- |t Registry in memory -- |t Networking -- |t Windows services -- |t Kernel forensics and rootkits -- |t Windows GUI subsystem, part I -- |t Windows GUI subsystem, part II -- |t Disk artifacts in memory -- |t Event reconstruction -- |t Timelining -- |g III. |t Linux memory forensics ; |t Linux memory acquisition -- |t Linux operating system -- |t Processes and process memory -- |t Networking artifacts -- |t Kernel memory artifacts -- |t File systems in memory -- |t Userland rootkits -- |t Kernel mode rootkits -- |t Case study : Phalanx2 -- |g IV. |t Mac memory forensics ; |t Mac acquisition and internals -- |t Mac memory overview -- |t Malicious code and rootkits -- |t Tracking user activity. |
| 520 | |a "The Art of Memory Forensics" is a practical guide to the rapidly emerging investigative technique for digital forensics, incident response, and law enforcement. Memory forensics has become a must-have skill for combating the next era of advanced malware, targeted attacks, security breaches, and online crime. As breaches and attacks become more sophisticated, analyzing volatile memory becomes ever more critical to the investigative process. This book provides a comprehensive guide to performing memory forensics for Windows, Linux, and Mac systems, including x64 architectures. Based on the authors' popular training course, coverage includes memory acquisition, rootkits, tracking user activity, and more, plus case studies that illustrate the real-world application of the techniques presented. Bonus materials include industry-applicable exercises, sample memory dumps, and cutting-edge memory forensics software. Memory forensics is the art of analyzing RAM to solve digital crimes. Conventional incident response often overlooks volatile memory, which contains crucial information that can prove or disprove the system's involvement in a crime, and can even destroy it completely. By implementing memory forensics techniques, analysts are able to preserve memory resident artifacts which often provides a more efficient strategy for investigating modern threats | ||
| 588 | 0 | |a Print version record. | |
| 590 | |a ProQuest Ebook Central |b Ebook Central Academic Complete | ||
| 650 | 0 | |a Computer security. | |
| 650 | 0 | |a Computer networks |x Security measures. | |
| 650 | 0 | |a Malware (Computer software) | |
| 650 | 0 | |a Computer crimes. | |
| 650 | 2 | |a Computer Security | |
| 650 | 6 | |a Sécurité informatique. | |
| 650 | 6 | |a Réseaux d'ordinateurs |x Sécurité |x Mesures. | |
| 650 | 6 | |a Logiciels malveillants. | |
| 650 | 6 | |a Criminalité informatique. | |
| 650 | 7 | |a COMPUTERS |x Security |x Networking. |2 bisacsh | |
| 650 | 7 | |a Réseaux informatiques. |2 eclas | |
| 650 | 7 | |a Délits informatiques. |2 eclas | |
| 650 | 7 | |a Sécurité informatique. |2 eclas | |
| 650 | 7 | |a Mémorisation des données. |2 eclas | |
| 650 | 7 | |a Computer crimes |2 fast | |
| 650 | 7 | |a Computer networks |x Security measures |2 fast | |
| 650 | 7 | |a Computer security |2 fast | |
| 650 | 7 | |a Malware (Computer software) |2 fast | |
| 700 | 1 | |a Case, Andrew |c (Digital forensics researcher), |e author. |1 https://id.oclc.org/worldcat/entity/E39PCjrrbPM9rDCqVxJ4TW4Xh3 | |
| 700 | 1 | |a Levy, Jamie., |e author. | |
| 700 | 1 | |a Walters, Aaron., |e author. | |
| 758 | |i has work: |a The art of memory forensics (Text) |1 https://id.oclc.org/worldcat/entity/E39PCFV3xfdMFTfCjMdkWRXKV3 |4 https://id.oclc.org/worldcat/ontology/hasWork | ||
| 776 | 0 | 8 | |i Print version: |t Art of memory forensics. |d Indianapolis, IN : Wiley, [2014] |z 1118825098 |w (OCoLC)885297340 |
| 856 | 4 | 0 | |u https://ebookcentral.uam.elogim.com/lib/uam-ebooks/detail.action?docID=1740753 |z Texto completo |
| 938 | |a Askews and Holts Library Services |b ASKH |n AH26940483 | ||
| 938 | |a Askews and Holts Library Services |b ASKH |n AH26885624 | ||
| 938 | |a Books 24x7 |b B247 |n bks00063748 | ||
| 938 | |a EBL - Ebook Library |b EBLB |n EBL1740753 | ||
| 938 | |a ebrary |b EBRY |n ebr10895737 | ||
| 938 | |a EBSCOhost |b EBSC |n 812774 | ||
| 938 | |a ProQuest MyiLibrary Digital eBook Collection |b IDEB |n cis28648060 | ||
| 938 | |a Recorded Books, LLC |b RECE |n rbeEB00595685 | ||
| 938 | |a YBP Library Services |b YANK |n 11977971 | ||
| 994 | |a 92 |b IZTAP | ||