Managed Code Rootkits - Erez Metula

Managed Code Rootkits

Hooking into Runtime Environments

(Autor)

Buch | Softcover
336 Seiten
2010
Syngress Media,U.S. (Verlag)
978-1-59749-574-5 (ISBN)
49,85 inkl. MwSt
Imagine being able to change the languages for the applications that a computer is running and taking control over it. That is exactly what managed code rootkits can do when they are placed within a computer. This title introduces the reader briefly to managed code environments and rootkits in general.
Managed Code Rootkits is the first book to cover application-level rootkits and other types of malware inside the application VM, which runs a platform-independent programming environment for processes. The book, divided into four parts, points out high-level attacks, which are developed in intermediate language.

The initial part of the book offers an overview of managed code rootkits. It explores environment models of managed code and the relationship of managed code to rootkits by studying how they use application VMs. It also discusses attackers of managed code rootkits and various attack scenarios. The second part of the book covers the development of managed code rootkits, starting with the tools used in producing managed code rootkits through their deployment.

The next part focuses on countermeasures that can possibly be used against managed code rootkits, including technical solutions, prevention, detection, and response tactics. The book concludes by presenting techniques that are somehow similar to managed code rootkits, which can be used in solving problems.

Erez Metula (CISSP) is an application security researcher specializing in secure development practices, penetration testing, code reviews, and security training for developers. He has extensive hands-on experience performing security assessments and training for organizations worldwide. Erez is the founder of AppSec. He is also a leading instructor at many information security training sessions. He is a constant speaker at security conferences, and has spoken at Black Hat, DEF CON, CanSecWest, OWASP, and more.

Part I: Overview Chapter 1: Introduction Chapter 2: Managed Code Rootkits Part II: Malware Development Chapter 3: Tools of the Trade Chapter 4: Runtime Modification Chapter 5: Manipulating the Runtime Chapter 6: Extending the Language with a Malware API Chapter 7: Automated Framework Modification Chapter 8: Advanced Topics Part III: Countermeasures Chapter 9: Defending against MCRs Part IV: Where Do We Go from Here? Chapter 10: Other Uses of Runtime Modification

Erscheint lt. Verlag 25.11.2010
Zusatzinfo 20 illustrations; Illustrations
Verlagsort Rockland, MA
Sprache englisch
Maße 191 x 235 mm
Gewicht 670 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
ISBN-10 1-59749-574-3 / 1597495743
ISBN-13 978-1-59749-574-5 / 9781597495745
Zustand Neuware
Haben Sie eine Frage zum Produkt?
eBook-Ausgabe
PDF (Adobe DRM)
EPUB (Adobe DRM)
38,95 €
Mehr entdecken
aus dem Bereich
auf Facebook teilen
bei Twitter
Link zu dieser Seite kopieren