Loading…
The art of memory forensics : detecting malware and threats in Windows, Linux, and Mac memory /
"The Art of Memory Forensics" is a practical guide to the rapidly emerging investigative technique for digital forensics, incident response, and law enforcement. Memory forensics has become a must-have skill for combating the next era of advanced malware, targeted attacks, security breache...
| Call Number: | Libro Electrónico |
|---|---|
| Main Authors: | , , , |
| Format: | Electronic eBook |
| Language: | Inglés |
| Published: |
Indianapolis, IN :
Wiley,
[2014]
|
| Subjects: | |
| Online Access: | Texto completo |
Table of Contents:
- I. An introduction to memory forensics ; Systems overview
- Data structures
- The volatility framework
- Memory acquisition
- II. Windows memory forensics ; Windows objects and pool allocations
- Processes, handles, and tokens
- Process memory internals
- Hunting malware in process memory
- Event logs
- Registry in memory
- Networking
- Windows services
- Kernel forensics and rootkits
- Windows GUI subsystem, part I
- Windows GUI subsystem, part II
- Disk artifacts in memory
- Event reconstruction
- Timelining
- III. Linux memory forensics ; Linux memory acquisition
- Linux operating system
- Processes and process memory
- Networking artifacts
- Kernel memory artifacts
- File systems in memory
- Userland rootkits
- Kernel mode rootkits
- Case study : Phalanx2
- IV. Mac memory forensics ; Mac acquisition and internals
- Mac memory overview
- Malicious code and rootkits
- Tracking user activity.