Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software (Paperback)

Michael Sikorski, Andrew Honig

買這商品的人也買了...

商品描述

Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring.

For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way.

You'll learn how to:

  • Set up a safe virtual environment to analyze malware
  • Quickly extract network signatures and host-based indicators
  • Use key analysis tools like IDA Pro, OllyDbg, and WinDbg
  • Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
  • Use your newfound knowledge of Windows internals for malware analysis
  • Develop a methodology for unpacking malware and get practical experience with five of the most popular packers
  • Analyze special cases of malware with shellcode, C++, and 64-bit code

Hands-on labs throughout the book challenge you to practice and synthesize your skills as you dissect real malware samples, and pages of detailed dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, determine what damage it has done, thoroughly clean your network, and ensure that the malware never comes back.

Malware analysis is a cat-and-mouse game with rules that are constantly changing, so make sure you have the fundamentals. Whether you're tasked with securing one network or a thousand networks, or you're making a living as a malware analyst, you'll find what you need to succeed in Practical Malware Analysis.

商品描述(中文翻譯)

惡意軟體分析是一門大生意,攻擊可能會給公司帶來巨大損失。當惡意軟體突破您的防禦時,您需要迅速採取行動來治療當前的感染並防止未來的感染發生。

對於那些想要保持最新惡意軟體動態的人來說,《實用惡意軟體分析》將教您專業分析師使用的工具和技術。有了這本書作為指南,您將能夠安全地分析、調試和反組譯任何遇到的惡意軟體。

您將學到如何:

- 建立一個安全的虛擬環境來分析惡意軟體
- 快速提取網絡簽名和主機指標
- 使用IDA Pro、OllyDbg和WinDbg等關鍵分析工具
- 克服惡意軟體的技巧,如混淆、反組譯、反調試和反虛擬機技術
- 利用您對Windows內部的新知識進行惡意軟體分析
- 開發一種解壓惡意軟體的方法並通過五種最流行的壓縮軟體獲得實際經驗
- 分析包含shellcode、C++和64位代碼的特殊惡意軟體案例

本書中的實踐實驗室將挑戰您在解剖真實惡意軟體樣本時的實踐和綜合技能,詳細的解剖頁面將讓您近距離觀察專業人士的操作。您將學會如何解開惡意軟體,了解其真正的運作方式,確定它造成了什麼損害,徹底清理您的網絡,並確保惡意軟體永遠不會再次出現。

惡意軟體分析是一場不斷變化規則的貓捉老鼠遊戲,所以確保您掌握基本原理非常重要。無論您負責保護一個網絡還是一千個網絡,或者您以惡意軟體分析師為生,您都能在《實用惡意軟體分析》中找到成功所需的一切。