Mastering Malware Analysis : the Complete Malware Analyst's Guide to Combating Malicious Software, APT, Cybercrime, and IoT Attacks.

Malware analysis is a powerful investigation technique widely used in various security areas including digital forensics and incident response processes. Working through practical examples, you'll be able to analyze any type of malware you may encounter within the modern world.

Bibliographic Details
Classification: Electronic Book
Main Author: Kleymenov, Alexey
Other Authors: Thabet, Amr
Format: Electronic eBook
Language: English
Published: Birmingham : Packt Publishing, Limited, 2019.
Subjects:
Online Access: Full text (requires prior registration with an institutional e-mail address)

MARC

LEADER 00000cam a2200000 i 4500
001 OR_on1104727593
003 OCoLC
005 20231017213018.0
006 m o d
007 cr cnu---unuuu
008 190615s2019 enk o 000 0 eng d
040 |a EBLCP  |b eng  |e pn  |c EBLCP  |d YDX  |d TEFOD  |d OCLCF  |d UKMGB  |d TEFOD  |d OCLCQ  |d UKAHL  |d OCLCQ  |d N$T  |d OCLCQ  |d QGK  |d OCLCO  |d K6U  |d OCLCQ  |d OCLCO 
015 |a GBB9B4160  |2 bnb 
016 7 |a 019446105  |2 Uk 
019 |a 1104304851  |a 1104401294 
020 |a 1789614872 
020 |a 9781789614879  |q (electronic bk.) 
020 |z 1789610788 
020 |z 9781789610789 
029 1 |a AU@  |b 000067829954 
029 1 |a CHNEW  |b 001059152 
029 1 |a CHVBK  |b 56975755X 
029 1 |a UKMGB  |b 019446105 
029 1 |a AU@  |b 000065435184 
035 |a (OCoLC)1104727593  |z (OCoLC)1104304851  |z (OCoLC)1104401294 
037 |a 74D995F6-1972-410B-9224-4213067B9862  |b OverDrive, Inc.  |n http://www.overdrive.com 
050 4 |a QA76.76.C68 
080 |a 681.3 
082 0 4 |a 005.88  |2 23 
049 |a UAMI 
100 1 |a Kleymenov, Alexey. 
245 1 0 |a Mastering Malware Analysis :  |b the Complete Malware Analyst's Guide to Combating Malicious Software, APT, Cybercrime, and IoT Attacks. 
260 |a Birmingham :  |b Packt Publishing, Limited,  |c 2019. 
300 |a 1 online resource (548 pages) 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
505 0 |a Cover; Title Page; Copyright and Credits; About Packt; Contributors; Table of Contents; Preface; Section 1: Fundamental Theory; Chapter 1: A Crash Course in CISC/RISC and Programming Basics; Basic concepts; Registers; Memory; Virtual memory; Stack; Branches, loops, and conditions; Exceptions, interrupts, and communicating with other devices; Assembly languages; CISC versus RISC; Types of instructions; Becoming familiar with x86 (IA-32 and x64); Registers; Special registers; The instruction structure; opcode; dest; src; The instruction set; Data manipulation instructions 
505 8 |a Data transfer instructions; Flow control instructions; Arguments, local variables, and calling conventions (in x86 and x64); stdcall; Arguments; Local variables; cdecl; fastcall; thiscall; The x64 calling convention; Exploring ARM assembly; Basics; Instruction sets; Basics of MIPS; Basics; The instruction set; Diving deep into PowerPC; Basics; The instruction set; Covering the SuperH assembly; Basics; The instruction set; Working with SPARC; Basics; The instruction set; From assembly to high-level programming languages; Arithmetic statements; If conditions; While loop conditions; Summary 
505 8 |a Section 2: Diving Deep into Windows Malware; Chapter 2: Basic Static and Dynamic Analysis for x86/x64; Working with the PE header structure; Why PE?; Exploring PE structure; MZ header; PE header; File header; Optional header; Data directory; Section table; PE+ (x64 PE); PE analysis tools; Static and dynamic linking; Static linking; Dynamic linking; Dynamic link libraries; Application programming interface; Dynamic API loading; Using PE header information for static analysis; How to use PE header for incident handling; How to use a PE header for threat intelligence 
505 8 |a PE loading and process creation; Basic terminology; What's process?; Virtual memory to physical memory mapping; Threads; Important data structures: TIB, TEB, and PEB; Process loading step by step; PE file loading step by step; WOW64 processes; Dynamic analysis with OllyDbg/immunity debugger; Debugging tools; How to analyze a sample with OllyDbg; Types of breakpoints; Step into/step over breakpoint; INT3 breakpoint; Memory breakpoints; Hardware breakpoints; Modifying the program execution; Patching-modifying the program's assembly instructions; Change EFlags 
505 8 |a Modifying the instruction pointer value; Changing the program data; Debugging malicious services; What is service?; Attaching to the service; Summary; Chapter 3: Unpacking, Decryption, and Deobfuscation; Exploring packers; Exploring packing and encrypting tools; Identifying a packed sample; Technique 1 -- checking PE tool static signatures; Technique 2 -- evaluating PE section names; Technique 3 -- using stub execution signs; Technique 4 -- detecting a small import table; Automatically unpacking packed samples; Technique 1 -- the official unpacking process; Technique 2 -- using OllyScript with OllyDbg. 
520 |a Malware analysis is a powerful investigation technique widely used in various security areas including digital forensics and incident response processes. Working through practical examples, you'll be able to analyze any type of malware you may encounter within the modern world. 
588 0 |a Print version record. 
590 |a eBooks on EBSCOhost  |b EBSCO eBook Subscription Academic Collection - Worldwide 
590 |a O'Reilly  |b O'Reilly Online Learning: Academic/Public Library Edition 
630 0 0 |a Microsoft Windows (Computer file)  |x Security measures. 
630 0 7 |a Microsoft Windows (Computer file)  |2 fast 
650 0 |a Malware (Computer software) 
650 0 |a Computer security. 
650 0 |a Cyberterrorism  |x Security measures. 
650 2 |a Computer Security 
650 6 |a Logiciels malveillants. 
650 6 |a Sécurité informatique. 
650 6 |a Cyberterrorisme  |x Sécurité  |x Mesures. 
650 7 |a Microsoft Windows (Programa de ordenador))  |x Estadio y enseñanza.  |2 embne 
650 7 |a Ciberterrorismo  |2 embne 
650 7 |a Computer security  |2 fast 
650 7 |a Malware (Computer software)  |2 fast 
650 7 |a Security systems  |2 fast 
700 1 |a Thabet, Amr. 
776 0 8 |i Print version:  |a Kleymenov, Alexey.  |t Mastering Malware Analysis : The Complete Malware Analyst's Guide to Combating Malicious Software, APT, Cybercrime, and IoT Attacks.  |d Birmingham : Packt Publishing, Limited, ©2019  |z 9781789610789 
856 4 0 |u https://learning.oreilly.com/library/view/~/9781789610789/?ar  |z Texto completo (Requiere registro previo con correo institucional) 
938 |a Askews and Holts Library Services  |b ASKH  |n BDZ0040165316 
938 |a ProQuest Ebook Central  |b EBLB  |n EBL5786682 
938 |a EBSCOhost  |b EBSC  |n 2156663 
938 |a YBP Library Services  |b YANK  |n 16276871 
994 |a 92  |b IZTAP