Malware Analysis and Detection Engineering - Abhijit Mohanta, Anoop Saldanha

Malware Analysis and Detection Engineering (eBook)

A Comprehensive Approach to Detect and Analyze Modern Malware
eBook Download: PDF
2020 | 1st ed.
XXXIV, 914 Seiten
Apress (Verlag)
978-1-4842-6193-4 (ISBN)
Systemvoraussetzungen
89,99 inkl. MwSt
  • Download sofort lieferbar
  • Zahlungsarten anzeigen

Discover how the internals of malware work and how you can analyze and detect it. You will learn not only how to analyze and reverse malware, but also how to classify and categorize it, giving you insight into the intent of the malware. Malware Analysis and Detection Engineering is a one-stop guide to malware analysis that simplifies the topic by teaching you undocumented tricks used by analysts in the industry. You will be able to extend your expertise to analyze and reverse the challenges that malicious software throws at you. 

The book starts with an introduction to malware analysis and reverse engineering to provide insight on the different types of malware and also the terminology used in the anti-malware industry. You will know how to set up an isolated lab environment to safely execute and analyze malware. You will learn about malware packing, code injection, and process hollowing plus how to analyze, reverse, classify, and categorize malware using static and dynamic tools. You will be able to automate your malware analysis process by exploring detection tools to modify and trace malware programs, including sandboxes, IDS/IPS, anti-virus, and Windows binary instrumentation.

The book provides comprehensive content in combination with hands-on exercises to help you dig into the details of malware dissection, giving you the confidence to tackle malware that enters your environment.


What You Will Learn
  • Analyze, dissect, reverse engineer, and classify malware
  • Effectively handle malware with custom packers and compilers
  • Unpack complex malware to locate vital malware components and decipher their intent
  • Use various static and dynamic malware analysis tools   
  • Leverage the internals of various detection engineering tools to improve your workflow         
  • Write Snort rules and learn to use them with Suricata IDS 

Who This Book Is For

Security professionals, malware analysts, SOC analysts, incident responders, detection engineers, reverse engineers, and network security engineers


'This book is a beast! If you're looking to master the ever-widening field of malware analysis, look no further. This is the definitive guide for you.'  Pedram Amini, CTO Inquest; Founder OpenRCE.org and ZeroDayInitiative



Abhijit Mohanta is an independent cybersecurity consultant and corporate trainer who has worked extensively in malware reverse engineering, vulnerability research, anti-virus engine development, anti-malware signature writing, and sandbox development. He has worked with the Symantec, McAfee, and Juniper Networks anti-malware labs. He holds several patents. He blogs regularly and has been a speaker at security conferences and workshops. His articles have been republished and quoted in a number of blogs and whitepapers, including eForensics magazine. He is also the author of the book Preventing Ransomware: Understand, Prevent, and Remediate Ransomware Attacks.

Anoop Saldanha is one of the core authors of the Suricata Intrusion Detection and Prevention System, funded by the US Department of Homeland Security (DHS). He works as an independent security consultant and as a corporate security trainer. He designs and develops various detection technologies to secure both the host and the network, ranging from network security tools such as IDS/IPS to malware sandboxes, malware analysis tools, firewalls, and endpoints. He holds multiple patents in the field of security and speaks at security conferences and workshops. He has previously worked in threat research labs and detection engineering teams at RSA Security, Juniper Networks, Cyphort Cybersecurity, and various other cybersecurity startups.



Discover how the internals of malware work and how you can analyze and detect it. You will learn not only how to analyze and reverse malware, but also how to classify and categorize it, giving you insight into the intent of the malware. Malware Analysis and Detection Engineering is a one-stop guide to malware analysis that simplifies the topic by teaching you undocumented tricks used by analysts in the industry. You will be able to extend your expertise to analyze and reverse the challenges that malicious software throws at you. The book starts with an introduction to malware analysis and reverse engineering to provide insight on the different types of malware and also the terminology used in the anti-malware industry. You will know how to set up an isolated lab environment to safely execute and analyze malware. You will learn about malware packing, code injection, and process hollowing plus how to analyze, reverse, classify, and categorize malware using static and dynamic tools. You will be able to automate your malware analysis process by exploring detection tools to modify and trace malware programs, including sandboxes, IDS/IPS, anti-virus, and Windows binary instrumentation.The book provides comprehensive content in combination with hands-on exercises to help you dig into the details of malware dissection, giving you the confidence to tackle malware that enters your environment.What You Will LearnAnalyze, dissect, reverse engineer, and classify malwareEffectively handle malware with custom packers and compilersUnpack complex malware to locate vital malware components and decipher their intentUse various static and dynamic malware analysis tools   Leverage the internals of various detection engineering tools to improve your workflow         Write Snort rules and learn to use them with Suricata IDS Who This Book Is ForSecurity professionals, malware analysts, SOC analysts, incident responders, detection engineers, reverse engineers, and network security engineers"e;This book is a beast! If you're looking to master the ever-widening field of malware analysis, look no further. This is the definitive guide for you."e;  Pedram Amini, CTO Inquest; Founder OpenRCE.org and ZeroDayInitiative
Erscheint lt. Verlag 22.9.2020
Zusatzinfo XXXIV, 914 p. 548 illus.
Sprache englisch
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Schlagworte Analysis • binary • Debugging • Defence • evasion • Forensics • Hooking • Injection • Malware • Networking • Persistence • reverse • Rootkits • security
ISBN-10 1-4842-6193-3 / 1484261933
ISBN-13 978-1-4842-6193-4 / 9781484261934
Haben Sie eine Frage zum Produkt?
PDFPDF (Wasserzeichen)
Größe: 51,2 MB

DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasser­zeichen und ist damit für Sie persona­lisiert. Bei einer missbräuch­lichen Weiter­gabe des eBooks an Dritte ist eine Rück­ver­folgung an die Quelle möglich.

Dateiformat: PDF (Portable Document Format)
Mit einem festen Seiten­layout eignet sich die PDF besonders für Fach­bücher mit Spalten, Tabellen und Abbild­ungen. Eine PDF kann auf fast allen Geräten ange­zeigt werden, ist aber für kleine Displays (Smart­phone, eReader) nur einge­schränkt geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
Das umfassende Handbuch

von Michael Kofler; Klaus Gebeshuber; Peter Kloep …

eBook Download (2022)
Rheinwerk Computing (Verlag)
49,90
Methodische Kombination von IT-Strategie und IT-Reifegradmodell

von Markus Mangiapane; Roman P. Büchler

eBook Download (2024)
Springer Vieweg (Verlag)
42,99
Umfassendes Sicherheits-, Kontinuitäts- und Risikomanagement mit …

von Klaus-Rainer Müller

eBook Download (2023)
Springer Fachmedien Wiesbaden (Verlag)
79,99