Malware Forensics and over 1.5 million other books are available for Amazon Kindle . Learn more


or
Sign in to turn on 1-Click ordering.
Trade in Yours
For a £2.90 Gift Card
Trade in
More Buying Choices
Have one to sell? Sell yours here
Sorry, this item is not available in
Image not available for
Colour:
Image not available

 
Share your own customer images
Search inside this book
Start reading Malware Forensics on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Malware Forensics: Investigating and Analyzing Malicious Code [Paperback]

Cameron H. Malin (Author), Eoghan Casey (Author), James M. Aquilina (Author)
3.0 out of 5 stars  See all reviews (1 customer review)
RRP: £42.99
Price: £37.83 & this item Delivered FREE in the UK with Super Saver Delivery. See details and conditions
You Save: £5.16 (12%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Only 1 left in stock (more on the way).
Dispatched from and sold by Amazon. Gift-wrap available.
Want delivery by Thursday, 23 May? Choose Express delivery at checkout. See Details

Formats

 Amazon Price New from Used from
Kindle Edition £28.37   -- --
Paperback £37.83   -- --
Trade In this Item for up to £2.90
Trade in Malware Forensics: Investigating and Analyzing Malicious Code for an Amazon.co.uk gift card of up to £2.90, which you can then spend on millions of items across the site. Trade-in values may vary (terms apply). Learn more

Book Description

Publication Date: 4 Aug 2008 | ISBN-10: 159749268X | ISBN-13: 978-1597492683
"Malware Forensics: Investigating and Analyzing Malicious Code" covers the emerging and evolving field of 'live forensics', where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss 'live forensics' on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised system. "Malware Forensics: Investigating and Analyzing Malicious Code" also devotes extensive coverage of the burgeoning forensic field of physical and process memory analysis on both Windows and Linux platforms. This book provides clear and concise guidance as to how to forensically capture and examine physical and process memory as a key investigative step in malicious code forensics. Prior to this book, competing texts have described malicious code, accounted for its evolutionary history, and in some instances, dedicated a mere chapter or two to analyzing malicious code. Conversely, "Malware Forensics: Investigating and Analyzing Malicious Code" emphasizes the practical 'how-to' aspect of malicious code investigation, giving deep coverage on the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more. This book is the winner of Best Book Bejtlich read in 2008! Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader. This is the first book to detail how to perform 'live forensic' techniques on malicious code. In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter.

Frequently Bought Together

Malware Forensics: Investigating and Analyzing Malicious Code + Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
Price For Both: £63.42

Buy the selected items together

Product details

  • Paperback: 592 pages
  • Publisher: Syngress (4 Aug 2008)
  • Language: English
  • ISBN-10: 159749268X
  • ISBN-13: 978-1597492683
  • Product Dimensions: 19.1 x 3.6 x 23.5 cm
  • Average Customer Review: 3.0 out of 5 stars  See all reviews (1 customer review)
  • Amazon Bestsellers Rank: 782,052 in Books (See Top 100 in Books)

    •  Would you like to update product info or give feedback on images?

More About the Authors

Discover books, learn about writers, and more.
James M. Aquilina
Cameron H. Malin
Eoghan Casey

Product Description

About the Author

Cameron H. Malin is Special Agent with the Federal Bureau of Investigation assigned to a Cyber Crime squad in Los Angeles, California, where he is responsible for the investigation of computer intrusion and malicious code matters. Special Agent Malin is the founder and developer of the FBI's Technical Working Group on Malware Analysis and Incident Response. Special Agent Malin is a Certified Ethical Hacker (C|EH) as designated by the International Council of E-Commerce Consultants, a Certified Information Systems Security Professional (CISSP), as designated by the International Information Systems Security Consortium, a GIAC certified Reverse-Engineering Malware Professional (GREM), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), and a GIAC Certified Forensic Analyst (GCFA), as designated by the SANS Institute. Eoghan Casey is an internationally recognized expert in data breach investigations and information security forensics. He is founding partner of CASEITE.com, and co-manages the Risk Prevention and Response business unit at DFLabs. Over the past decade, he has consulted with many attorneys, agencies, and police departments in the United States, South America, and Europe on a wide range of digital investigations, including fraud, violent crimes, identity theft, and on-line criminal activity. Eoghan has helped organizations investigate and manage security breaches, including network intrusions with international scope. He has delivered expert testimony in civil and criminal cases, and has submitted expert reports and prepared trial exhibits for computer forensic and cyber-crime cases. In addition to his casework and writing the foundational book Digital Evidence and Computer Crime, Eoghan has worked as R&D Team Lead in the Defense Cyber Crime Institute (DCCI) at the Department of Defense Cyber Crime Center (DC3) helping enhance their operational capabilities and develop new techniques and tools. He also teaches graduate students at Johns Hopkins University Information Security Institute and created the Mobile Device Forensics course taught worldwide through the SANS Institute. He has delivered keynotes and taught workshops around the globe on various topics related to data breach investigation, digital forensics and cyber security. Eoghan has performed thousands of forensic acquisitions and examinations, including Windows and UNIX systems, Enterprise servers, smart phones, cell phones, network logs, backup tapes, and database systems. He also has information security experience, as an Information Security Officer at Yale University and in subsequent consulting work. He has performed vulnerability assessments, deployed and maintained intrusion detection systems, firewalls and public key infrastructures, and developed policies, procedures, and educational programs for a variety of organizations. Eoghan has authored advanced technical books in his areas of expertise that are used by practitioners and universities around the world, and he is Editor-in-Chief of Elsevier's International Journal of Digital Investigation. James M. Aquilina, Esq. is the Managing Director and Deputy General Counsel of Stroz Friedberg, LLC, a consulting and technical services firm specializing in computer forensics; cyber-crime response; private investigations; and the preservation, analysis and production of electronic data from single hard drives to complex corporate networks. As the head of the Los Angeles Office, Mr. Aquilina supervises and conducts digital forensics and cyber-crime investigations and oversees large digital evidence projects. Mr. Aquilina also consults on the technical and strategic aspects of anti-piracy, antispyware, and digital rights management (DRM) initiatives for the media and entertainment industries, providing strategic thinking, software assurance, testing of beta products, investigative assistance, and advice on whether the technical components of the initiatives implicate the Computer Fraud and Abuse Act and anti-spyware and consumer fraud legislation. His deep knowledge of botnets, distributed denial of service attacks, and other automated cyber-intrusions enables him to provide companies with advice to bolster their infrastructure protection.
Inside This Book (Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index
Search inside this book:

Customer Reviews

5 star
0
4 star
0
3 star
1
2 star
0
1 star
0
3.0 out of 5 stars
1 review
3.0 out of 5 stars
Most Helpful Customer Reviews
3.0 out of 5 stars Methodology is sound but tools and information is out-dated. 18 Dec 2011
By M. SMITH
Format:Paperback
I have had this book for about 2 years now. It is getting a bit out of date. The methodologies provided are sound but the areas covered are pretty basic and the tools are far from the best available. Much of the information is available online for free. I would recommend it to anyone who is just getting into the field of computer forensics but it will not help a professional in this field.

For a positive this book does cover a lot more than traditional windows hard disk forensics. It has methodologies for Windows and Linux Based incident response, Live Analysis, Memory analysis and hard disk analysis.

This should really be worthy of 3.5 stars but as its not worth 4 I'm sticking with 3.
Comment | 
Was this review helpful to you?
Yes
No
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.9 out of 5 stars  12 reviews
11 of 11 people found the following review helpful
5.0 out of 5 stars Candidate for Best Book Bejtlich Read in 2008 3 Nov 2008
By Richard Bejtlich - Published on Amazon.com
Format:Paperback
Malware Forensics is an awesome book. Last year Syngress published Harlan Carvey's 5-star Windows Forensic Analysis, and now we get to enjoy this new title by James Aquilina, Eoghan Casey, and Cameron Malin, plus technical editing by Curtis Rose. I should disclose that I co-wrote a forensics book with Curtis Rose, and I just delivered a guest lecture in a class taught by Eoghan Casey. However, I still call books as I see them, regardless of the author. (Check out my review of Security Sage's Guide to Hardening the Network Infrastructure for proof.) I can confidently say that anyone interested in learning how to analyze malware, or perform incident response, will benefit from reading Malware Forensics.

I imagine that code-savvy investigators probably don't need to read Malware Forensics. However, this is not a book for newbies. The target audience includes those doing intrusion analysis on Windows and Linux who want to focus directly on examining malicious code. An investigator whose world revolves around reviewing hard drives with EnCase will probably not understand Malware Forensics. An investigator who needs guidance on identifying and then understanding malware will definitely like this book.

The front cover emphasizes the book's "practical, hands-on" nature. I admit that I tried to follow along in many parts, usually by retrieving various Windows tools to try on malware caught in my spam folder. I do not expect the reader to become an expert in any one area of analysis, but I do applaud the authors for exposing readers to just about every aspect of malware analysis you might expect. The book uses large and small cases, multiple sample analyses, and extensive tool output to guide readers. Even the legal chapter covers the questions most of us are likely to ask.

Furthermore, how often does one read an introduction (through p xxxvi) that is educational? I loved the points about DNA tests destroying evidence and the discussion of what is "forensically sound" on p xxv, and the mention of "evidence dynamics" on p xxvi. I got the sense the authors were real forensics experts, not strictly malware geeks. The citing of non-infosec sources when making points showed me they understood the big picture (p xxxi). They also cited their tools with footnotes and URLs, and included chapter end-notes.

I found very little to complain about in this book. I noticed awkward placement of commas in chapters 3 and 8. A copyeditor could have removed those. From what I can see, the authors appreciated Curtis Rose's involvement. Syngress should observe the value of an editor who seriously reviews the text. (The last page of the book even includes errata that couldn't make it into the previous text!)

I am seriously considering Malware Forensics as my Best Book Bejtlich Read in 2008. If it doesn't win (stay tuned for announcements at the end of December) Malware Forensics will be one of the top four for the year.
4 of 4 people found the following review helpful
5.0 out of 5 stars Practical and essential for IT industry experts 1 Oct 2008
By shopaholic - Published on Amazon.com
Format:Paperback
As the sole network administrator in a small Internet startup, I am responsible for every facet of our IT department. In the past year, our network has encountered intrusions, mainly by vindictive ex-employees, and a myriad of viruses/trojans of which a few of our systems became zombie machines. Since our network has fallen prey to various malware, on several occasions I've been notified by law enforcement that our machines were a part of a bot net. Other times we were warned by PayPal, eBay, and other financial institutions such as Bank of America that we were hosting phishing web sites. Starting a company on limited funds and manpower as well as enduring the growing pains of maintaining a network are difficult enough by itself. A colleague from my prior company referred me this new book which he thought would be suitable to bring me up to speed on investigating malware. Together with my knowledge base and reading through several key chapters, performing a few practical hands on case scenarios, and building a live response tool kit, I feel confidant that I would be able to proficiently investigate and analyze most malware which I may encounter. At minimum, I would be able to assist or present to law enforcement my findings for further investigation.
2 of 2 people found the following review helpful
5.0 out of 5 stars Something for Everyone 23 Sep 2008
By Bookworm - Published on Amazon.com
Format:Paperback
Relatively new to malware analysis and computer forensics, I was a bit concerned if this book would be helpful to me. I wanted a book that would serve as an introduction as well a reference guide, and this book hit the mark! Particularly useful is the book's coverage of both Windows and Linux, which makes it a nice universal reference. [Side note: As I'm primarily a Mac user, it would have been nice to see some Mac coverage as well, but maybe in the next edition?]
The book structure and flow is intuitive and I enjoyed following the case scenarios as the basis of demonstrating the tools and techniques Although the book covers each facet of the "malware forensics" process (live response, file profiling, etc) in great detail, and with the chapters building on each other, I found it pretty easy to jump ahead to other chapters too. The book web site, (www.malwareforensics.com) was not adverstised, but easy enough to find, considering the URL is simply the book title. The site serves a good reference to bookmark because it announces the release of new or updated tools and has a lot of links to other malware/forensic resources. Overall, I was pleasantly surprised with Malware Forensics and I'm looking forward to the 2nd edition!"
Were these reviews helpful?   Let us know
Search Customer Reviews
Only search this product's reviews

There's a problem loading this menu at the moment.

Learn more about Amazon Prime.

    Your Shopping Basket is empty.

    Give it purpose -- fill it with books, DVDs, clothes, electronics and more.

    If you already have an account, sign in.

    There's a problem previewing your shopping basket at the moment.

    Check your Internet connection and go to your cart, or try again.

    View Shopping Basket (0 items)

      Customer Discussions

      This product's forum
      Discussion Replies Latest Post
      No discussions yet

      Ask questions, Share opinions, Gain insight
      Start a new discussion
      Topic:
      First post:
      Prompts for sign-in
       

      Search Customer Discussions
      Search all Amazon discussions
         

      Listmania!

      Create a Listmania! list

      Look for similar items by category

      Feedback


      Amazon.co.uk Privacy Statement Amazon.co.uk Delivery Information Amazon.co.uk Returns & Exchanges