Index
Title
Copyright
Dedication
Acknowledgments
About the Authors
About the Technical Editor
Introduction
Chapter 1. Malware Incident Response
Solutions in this chapter:
Volatile Data Collection and Analysis Tools
Non-Volatile Data Collection and Analysis Tools
Selected Readings
Jurisprudence/RFCs/Technical Specifications
Chapter 2. Memory Forensics
Solutions in this chapter:
Selected Readings
Chapter 3. Post-Mortem Forensics
Solutions in this chapter:
Selected Readings
Chapter 4. Legal Considerations
Solutions in this chapter:
Chapter 5. File Identification and Profiling
Solutions in this chapter:
Selected Readings
Chapter 6. Analysis of a Malware Specimen
Solutions in this chapter:
Introduction
Goals
Guidelines for Examining a Malicious File Specimen
Establishing the Environment Baseline
Pre-Execution Preparation: System and Network Monitoring
Execution Artifact Capture: Digital Impression and Trace Evidence
Executing the Malicious Code Specimen
Execution Trajectory Analysis: Observing Network, Process, API, File System, and Registry Activity
Automated Malware Analysis Frameworks
Online Malware Analysis Sandboxes
Defeating Obfuscation
Embedded Artifact Extraction Revisited
Interacting with and Manipulating the Malware Specimen: Exploring and Verifying Functionality and Purpose
Event Reconstruction and Artifact Review: Post-Run Data Analysis
Digital Virology: Advanced Profiling Through Malware Taxonomy and Phylogeny
Conclusion
Pitfalls to Avoid
Selected Readings
Index