Cargando…
The art of memory forensics : detecting malware and threats in Windows, Linux, and Mac memory /
"The Art of Memory Forensics" is a practical guide to the rapidly emerging investigative technique for digital forensics, incident response, and law enforcement. Memory forensics has become a must-have skill for combating the next era of advanced malware, targeted attacks, security breache...
| Clasificación: | Libro Electrónico |
|---|---|
| Autores principales: | , , , |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Indianapolis, Indiana :
John Wiley and Sons,
[2014]
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000Ii 4500 | ||
|---|---|---|---|
| 001 | OR_ocn906040985 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr unu|||||||| | ||
| 008 | 150402s2014 inua o 000 0 eng d | ||
| 040 | |a UMI |b eng |e rda |e pn |c UMI |d DEBBG |d DEBSZ |d OCLCA |d OCLCF |d CEF |d CRU |d OCLCQ |d UAB |d VT2 |d TXI |d OCLCO |d OCLCQ | ||
| 020 | |a 9781118824993 | ||
| 020 | |a 1118824997 | ||
| 020 | |a 1118825098 | ||
| 020 | |a 9781118825099 | ||
| 020 | |z 9781118825099 | ||
| 029 | 1 | |a DEBBG |b BV042682977 | |
| 029 | 1 | |a DEBSZ |b 44658178X | |
| 029 | 1 | |a GBVCP |b 83587222X | |
| 035 | |a (OCoLC)906040985 | ||
| 037 | |a CL0500000573 |b Safari Books Online | ||
| 050 | 4 | |a TK5105.59 | |
| 082 | 0 | 4 | |a 005.8 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Ligh, Michael Hale. | |
| 245 | 1 | 4 | |a The art of memory forensics : |b detecting malware and threats in Windows, Linux, and Mac memory / |c [by] Michael Hale Ligh, Andrew Case, Jamie Levy, [and] Aaron Walters. |
| 246 | 3 | 0 | |a Detecting malware and threats in Windows, Linux, and Mac memory |
| 264 | 1 | |a Indianapolis, Indiana : |b John Wiley and Sons, |c [2014] | |
| 264 | 4 | |c ©2014 | |
| 300 | |a 1 online resource (xxiii, 886 pages) : |b illustrations | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 588 | 0 | |a Online resource; title from title page (Safari, viewed March 20, 2015). | |
| 504 | |a Includes index. | ||
| 505 | 0 | 0 | |g I. |t An introduction to memory forensics ; |t Systems overview -- |t Data structures -- |t The volatility framework -- |t Memory acquisition -- |g II. |t Windows memory forensics ; |t Windows objects and pool allocations -- |t Processes, handles, and tokens -- |t Process memory internals -- |t Hunting malware in process memory -- |t Event logs -- |t Registry in memory -- |t Networking -- |t Windows services -- |t Kernel forensics and rootkits -- |t Windows GUI subsystem, part I -- |t Windows GUI subsystem, part II -- |t Disk artifacts in memory -- |t Event reconstruction -- |t Timelining -- |g III. |t Linux memory forensics ; |t Linux memory acquisition -- |t Linux operating system -- |t Processes and process memory -- |t Networking artifacts -- |t Kernel memory artifacts -- |t File systems in memory -- |t Userland rootkits -- |t Kernel mode rootkits -- |t Case study : Phalanx2 -- |g IV. |t Mac memory forensics ; |t Mac acquisition and internals -- |t Mac memory overview -- |t Malicious code and rootkits -- |t Tracking user activity. |
| 520 | |a "The Art of Memory Forensics" is a practical guide to the rapidly emerging investigative technique for digital forensics, incident response, and law enforcement. Memory forensics has become a must-have skill for combating the next era of advanced malware, targeted attacks, security breaches, and online crime. As breaches and attacks become more sophisticated, analyzing volatile memory becomes ever more critical to the investigative process. This book provides a comprehensive guide to performing memory forensics for Windows, Linux, and Mac systems, including x64 architectures. Based on the authors' popular training course, coverage includes memory acquisition, rootkits, tracking user activity, and more, plus case studies that illustrate the real-world application of the techniques presented. Bonus materials include industry-applicable exercises, sample memory dumps, and cutting-edge memory forensics software. Memory forensics is the art of analyzing RAM to solve digital crimes. Conventional incident response often overlooks volatile memory, which contains crucial information that can prove or disprove the system's involvement in a crime, and can even destroy it completely. By implementing memory forensics techniques, analysts are able to preserve memory resident artifacts which often provides a more efficient strategy for investigating modern threats. | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Computer networks |x Security measures. | |
| 650 | 0 | |a Computer storage devices |x Security measures. | |
| 650 | 0 | |a Malware (Computer software) | |
| 650 | 0 | |a Computer security. | |
| 650 | 0 | |a Computer crimes. | |
| 650 | 2 | |a Computer Security | |
| 650 | 6 | |a Réseaux d'ordinateurs |x Sécurité |x Mesures. | |
| 650 | 6 | |a Ordinateurs |x Mémoires |x Sécurité |x Mesures. | |
| 650 | 6 | |a Logiciels malveillants. | |
| 650 | 6 | |a Sécurité informatique. | |
| 650 | 6 | |a Criminalité informatique. | |
| 650 | 7 | |a Computer crimes. |2 fast |0 (OCoLC)fst00872063 | |
| 650 | 7 | |a Computer networks |x Security measures. |2 fast |0 (OCoLC)fst00872341 | |
| 650 | 7 | |a Computer security. |2 fast |0 (OCoLC)fst00872484 | |
| 650 | 7 | |a Malware (Computer software) |2 fast |0 (OCoLC)fst01748230 | |
| 700 | 1 | |a Case, Andrew |c (Digital forensics researcher), |e author. | |
| 700 | 1 | |a Levy, Jamie. |e author. | |
| 700 | 1 | |a Walters, Aaron. |e author. | |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781118824993/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 994 | |a 92 |b IZTAP | ||