| Tag | Content |
|---|---|
| 000 | 02017nam a22002657a 4500 |
| 003 | OSt |
| 005 | 20240115091755.0 |
| 008 | 210924b \|\|\|\|\| \|\|\|\| 00\| 0 eng d |
| 020 | _a9781597494700 |
| 040 | _aBUL _cBUL _dBUL _beng _erda |
| 082 | _223 _a005.8 _bMAL |
| 100 | _aMalin, Cameron H. |
| 245 | _aMalware forensic field guide for Linux system : _bdigital forensic field guide / _cMalin H. Cameron, Eoghan Casey, and James M. Aquilina. |
| 260 | _aAmsterdam : _bElsevier, _cc2014 |
| 300 | _axxxix, 574 p. : _bill. ; _c23 cm. |
| 500 | _aContents: 1. Malware incident response -- Nonvolatile data collection from a live Linux system -- Conclusion. 2. Linux memory forensics -- Introduction -- Interpreting various data structures in Linux memory -- Dumping Linux process memory -- Dissecting Linux process memory -- Conclusion. 3. Postmortem forensics -- Introduction -- Examining Linux file systems -- Examining application traces -- Keyword searching -- Forensic reconstruction of compromised Linux systems, etc. 4. Legal considerations -- Framing the issues -- General considerations -- Sources of investigative authority -- Statutory limits on authority -- Tools for acquiring data, etc. 5. File identification and profiling -- Introduction -- File similarity indexing -- Symbolic and debug information -- Embedded file metadata -- File obfuscation: packing and encryption identification, etc. 6. Analysis of a malware specimen -- Introduction -- Pre-execution preparation: system and network monitoring -- Execution artifact capture: digital impression and trace evidence -- Executing the malicious code specimen -- Automated malware analysis frameworks -- Interacting with and manipulating the malware specimen, etc. |
| 504 | _aIncludes index (p. 565-574). |
| 650 | _aMalware forensics |
| 650 | _aLinux systems |
| 700 | _aCasey, Eoghan |
| 700 | _aAquilina, James M. |
| 700 | _aRose, Curtis W. _eTechnical editor |
| 942 | _2ddc _cBOOK-CA _h005.8 _i1 _kMAL _m005.8 MAL |
| 999 | _c6438 _d6438 |