Malware Forensics Field Guide for Linux Systems is a handy reference that shows students the essential tools needed to do computer forensics analysis at the crime scene. It is part of Syngress Digital Forensics Field Guides, a series of companions for any digital and computer forensic student, investigator or analyst. Each Guide is a toolkit, with checklists for specific tasks, case studies of difficult situations, and expert analyst tips that will aid in recovering data from digital media that will be used in criminal prosecution.
This book collects data from all methods of electronic data storage and transfer devices, including computers, laptops, PDAs and the images, spreadsheets and other types of files stored on these devices. It is specific for Linux-based systems, where new malware is developed every day. The authors are world-renowned leaders in investigating and analyzing malicious code. Chapters cover malware incident response - volatile data collection and examination on a live Linux system; analysis of physical and process memory dumps for malware artifacts; post-mortem forensics - discovering and extracting malware and associated artifacts from Linux systems; legal considerations; file identification and profiling initial analysis of a suspect file on a Linux system; and analysis of a suspect program.
This book will appeal to computer forensic investigators, analysts, and specialists.
"Malin.et al. demonstrate how to preserve volatile data on a Windows system during a malware incident and how to analyze physical and process memory dumps for malware artifacts. The practical handbook also provides formalized methodologies for conducting forensic examinations of Windows systems, profiling a suspect file, and identifying the nature and purpose of a suspect program."--Reference and Research Book News, February 2013
|Malware Incident Response: Volatile Data Collection and Examination on a Live Linux System|
|Analyzing Physical and Process Memory Dumps for Malware Artifacts|
|Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Linux Systems|
|File Identification and Profiling Initial Analysis of a Suspect File on a Linux System|
|Analysis of a Suspect Program|
|Table of Contents provided by Publisher. All Rights Reserved.|
Number Of Pages: 616
Published: 3rd January 2014
Publisher: Syngress Media,U.S.
Country of Publication: US
Dimensions (cm): 22.9 x 15.2 x 2.8
Weight (kg): 0.73