滿額折
Rootkits and Bootkits ― Reversing Modern Malware and Next Generation Threats
相關商品
商品簡介
作者簡介
商品簡介
Rootkits and Bootkits delivers a master class in malware evolution that will give you the techniques and tools necessary to counter sophisticated, advanced threats. We’re talking hard stuff – attacks buried deep in a machine’s boot process or UEFI firmware that keep malware analysts up late at night.
Security experts Alex Matrosov, Eugene Rodionov, and Sergey Bratus share the knowledge they’ve gained over years of professional research. With these field notes, you’ll trace malware evolution from rootkits like TDL3 to present day UEFI implants and examine how these malware infect the system, persist through reboot, and evade security software. While you inspect real malware under the microscope, you’ll learn:
-The details of the Windows boot process, from 32-bit to 64-bit and UEFI, and where it’s vulnerable.
-Boot process security mechanisms like Secure Boot, the kernel-mode signing policy include some details about recent technologies like Virtual Secure Mode (VSM) and Device Guard.
-The reverse engineering and forensic approaches for real malware discovered in the wild, including bootkits like Rovnix/Carberp, Gapz, TDL4 and the infamous rootkits TDL3 and Festi.
-How to perform boot process dynamic analysis using emulation and virtualization
-Modern BIOS-based rootkits and implants with directions for forensic analysis
Cybercrime syndicates and malicious actors keep pushing the envelope, writing ever more persistent and covert attacks. But the game is not lost. Explore the cutting edge of malware analysis with Rootkits and Bootkits.
Covers boot processes for Windows 32-bit and 64-bit operating systems.
Security experts Alex Matrosov, Eugene Rodionov, and Sergey Bratus share the knowledge they’ve gained over years of professional research. With these field notes, you’ll trace malware evolution from rootkits like TDL3 to present day UEFI implants and examine how these malware infect the system, persist through reboot, and evade security software. While you inspect real malware under the microscope, you’ll learn:
-The details of the Windows boot process, from 32-bit to 64-bit and UEFI, and where it’s vulnerable.
-Boot process security mechanisms like Secure Boot, the kernel-mode signing policy include some details about recent technologies like Virtual Secure Mode (VSM) and Device Guard.
-The reverse engineering and forensic approaches for real malware discovered in the wild, including bootkits like Rovnix/Carberp, Gapz, TDL4 and the infamous rootkits TDL3 and Festi.
-How to perform boot process dynamic analysis using emulation and virtualization
-Modern BIOS-based rootkits and implants with directions for forensic analysis
Cybercrime syndicates and malicious actors keep pushing the envelope, writing ever more persistent and covert attacks. But the game is not lost. Explore the cutting edge of malware analysis with Rootkits and Bootkits.
Covers boot processes for Windows 32-bit and 64-bit operating systems.
作者簡介
Alex Matrosov is a leading offensive security researcher at NVIDIA. He has more than two decades of experience with reverse engineering, advanced malware analysis, firmware security, and exploitation techniques. Beforeoining NVIDIA, Alex served as Principal Security Researcher at Intel Security Center of Excellence (SeCoE), and spent more than six years in the Intel Advanced Threat Research team, and was Senior Security Researcher at ESET. Alex has authored and co-authored numerous research papers, and is a frequent speaker at security conferences, including REcon, Zeronigths, Black Hat, DEFCON, and others. Also, he is awarded by Hex-Rays for open-source plugin HexRaysCodeXplorer which is developed and supported since 2013 by REhint’s team.
Eugene Rodionov, PhD, is a Security Researcher at Intel working in the domain of BIOS security for Client Platforms. Before that, Rodionov ran internal research projects and performed in-depth analysis of complex threats at ESET. His fields of interest include firmware security, kernel-mode programming, anti-rootkit technologies, and reverse engineering. Rodionov has spoken at security conferences such as Black Hat, REcon, ZeroNights, and CARO, and has co-authored numerous research papers.
Sergey Bratus is a Research Associate Professor in the Computer Science Department at Dartmouth College. He has previously worked at BBN Technologies on Natural Language Processing research. Bratus is interested in all aspects of Unix security, in particular in Linux kernel security, and detection and reverse engineering of Linux malware.
Eugene Rodionov, PhD, is a Security Researcher at Intel working in the domain of BIOS security for Client Platforms. Before that, Rodionov ran internal research projects and performed in-depth analysis of complex threats at ESET. His fields of interest include firmware security, kernel-mode programming, anti-rootkit technologies, and reverse engineering. Rodionov has spoken at security conferences such as Black Hat, REcon, ZeroNights, and CARO, and has co-authored numerous research papers.
Sergey Bratus is a Research Associate Professor in the Computer Science Department at Dartmouth College. He has previously worked at BBN Technologies on Natural Language Processing research. Bratus is interested in all aspects of Unix security, in particular in Linux kernel security, and detection and reverse engineering of Linux malware.
您曾經瀏覽過的商品
購物須知
外文書商品之書封,為出版社提供之樣本。實際出貨商品,以出版社所提供之現有版本為主。部份書籍,因出版社供應狀況特殊,匯率將依實際狀況做調整。
無庫存之商品,在您完成訂單程序之後,將以空運的方式為你下單調貨。為了縮短等待的時間,建議您將外文書與其他商品分開下單,以獲得最快的取貨速度,平均調貨時間為1~2個月。
為了保護您的權益,「三民網路書店」提供會員七日商品鑑賞期(收到商品為起始日)。
若要辦理退貨,請在商品鑑賞期內寄回,且商品必須是全新狀態與完整包裝(商品、附件、發票、隨貨贈品等)否則恕不接受退貨。