The Art of Computer Virus Research and Defense (Google eBook)

Pearson Education, Feb 3, 2005 - Computers - 744 pages

Symantec's chief antivirus researcher has written the definitive guide to contemporary virus threats, defense techniques, and analysis tools. Unlike most books on computer viruses, The Art of Computer Virus Research and Defense is a reference written strictly for white hats: IT and security professionals responsible for protecting their organizations against malware. Peter Szor systematically covers everything you need to know, including virus behavior and classification, protection strategies, antivirus and worm-blocking techniques, and much more.

Szor presents the state of the art in both malware and protection, providing the full technical detail that professionals need to handle increasingly complex attacks. Along the way, he provides extensive information on code metamorphism and other emerging techniques, so you can anticipate and prepare for future threats.

Szor also offers the most thorough and practical primer on virus analysis ever published—addressing everything from creating your own personal laboratory to automating the analysis process. This book's coverage includes

  • Discovering how malicious code attacks on a variety of platforms
  • Classifying malware strategies for infection, in-memory operation, self-protection, payload delivery, exploitation, and more
  • Identifying and responding to code obfuscation threats: encrypted, polymorphic, and metamorphic
  • Mastering empirical methods for analyzing malicious code—and what to do with what you learn
  • Reverse-engineering malicious code with disassemblers, debuggers, emulators, and virtual machines
  • Implementing technical defenses: scanning, code emulation, disinfection, inoculation, integrity checking, sandboxing, honeypots, behavior blocking, and much more
  • Using worm blocking, host-based intrusion prevention, and network-level defense strategies
  

What people are saying

Review: The Art of Computer Virus Research and Defense (Symantec Press)

User Review  - Tushar - Goodreads

to read the coding of the virus

Review: The Art of Computer Virus Research and Defense (Symantec Press)

User Review  - Anna - Goodreads

Thorough overview, but unfortunately very poorly edited.

Contents

About the Author
Preface
Acknowledgments
Part I Strategies of the Attacker
Chapter 1 Introduction to the Games of Nature
Chapter 2 The Fascination of Malicious Code Analysis
Chapter 3 Malicious Code Environments
Chapter 4 Classification of Infection Strategies
Chapter 5 Classification of In-Memory Strategies
Chapter 6 Basic Self-Protection Strategies
Chapter 7 Advanced Code Evolution Techniques and Computer Virus Generator Kits
Chapter 8 Classification According to Payload
Chapter 9 Strategies of Computer Worms
Chapter 10 Exploits, Vulnerabilities, and Buffer Overflow Attacks
Part II Strategies of the Defender
Chapter 11 Antivirus Defense Techniques
Chapter 12 Memory Scanning and Disinfection
Chapter 13 Worm-Blocking Techniques and Host-Based Intrusion Prevention
Chapter 14 Network-Level Defense Strategies
Chapter 15 Malicious Code Analysis Techniques
Chapter 16 Conclusion
Index
Copyright

About the author (2005)

Peter Szor is security architect for Symantec Security Response, where he has been designing and building antivirus technologies for the Norton AntiVirus product line since 1999. From 1990 to 1995, Szor wrote and maintained his own antivirus program, Pasteur. A renowned computer virus and security researcher, Szor speaks frequently at the Virus Bulletin, EICAR, ICSA, and RSA conferences, as well as the USENIX Security Symposium. He currently serves on the advisory board of Virus Bulletin magazine, and is a founding member of the AVED (AntiVirus Emergency Discussion) network.
