Art of Computer Virus Research and Defense, The (Symantec Press) (English) Paperback – 2005/2/3
Of all the computer-related books I've read recently, this one influenced my thoughts about security the most. There is very little trustworthy information about computer viruses. Peter Szor is one of the best virus analysts in the world and has the perfect credentials to write this book.--Halvar Flake, Reverse Engineer, SABRE Security GmbH
Symantec's chief antivirus researcher has written the definitive guide to contemporary virus threats, defense techniques, and analysis tools. Unlike most books on computer viruses, The Art of Computer Virus Research and Defense is a reference written strictly for white hats: IT and security professionals responsible for protecting their organizations against malware. Peter Szor systematically covers everything you need to know, including virus behavior and classification, protection strategies, antivirus and worm-blocking techniques, and much more. Szor presents the state-of-the-art in both malware and protection, providing the full technical detail that professionals need to handle increasingly complex attacks. other emerging techniques, so you can anticipate and prepare for future threats. Szor also offers the most thorough and practical primer on virus analysis ever published--addressing everything from creating your own personal laboratory to automating the analysis process.
This book's coverage includes
- Discovering how malicious code attacks on a variety of platforms
- Classifying malware strategies for infection, in-memory operation, self-protection, payload delivery, exploitation, and more
- Identifying and responding to code obfuscation threats: encrypted, polymorphic, and metamorphic
- Mastering empirical methods for analyzing malicious code--and what to do with what you learn
- Reverse-engineering malicious code with disassemblers, debuggers, emulators, and virtual machines
- Implementing technical defenses: scanning, code emulation, disinfection, inoculation, integrity checking, sandboxing, honeypots, behavior blocking, and much more
- Using worm blocking, host-based intrusion prevention, and network-level defense strategies
(c) Copyright Pearson Education. All rights reserved.
Peter Szor is security architect for Symantec Security Response, where he has been designing and building antivirus technologies for the Norton AntiVirus product line since 1999. From 1990 to 1995, Szor wrote and maintained his own antivirus program, Pasteur. A renowned computer virus and security researcher, Szor speaks frequently at the Virus Bulletin, EICAR, ICSA, and RSA conferences, as well as the USENIX Security Symposium. He currently serves on the advisory board of Virus Bulletin magazine, and is a founding member of the AVED (AntiVirus Emergency Discussion) network.
If you want something more up to date, try Practical Malware Analysis.
Well, some people may complain that this is a disappointing book in that it hasn't gone far enough to illustrate the necessary virus writing skills, and they believe only in this way can one specialized in virus defense benefit most. Again, this is not the truth as far as I see. If one simply wants to write viruses by following existing code, he can only gain a narrow horizon by focusing upon one or two popular viruses. But as the old idiom goes, you will miss the forest by seeing a tree only. New viruses are produced by those highly intelligent people every day and promise to continue to come in the foreseeable future. New technologies, too, emerge and then disappear with the patches or hot fixes. But as long as you have a comprehensive knowledge of the basics of virus research and defense, you will never lose in this battle against viruses. I think the author has been trying to model his book to be something beyond a mere technology collection, and to present to us how one might equip himself with the fundamental knowledge of the virus's history and main ideas, or even try to give definitions in some places. So this is why the author names his creation "Virus research & defense" instead of "virus writing & defense". And as far as I see, his attempt has been a huge success.
And what's more, even for people who are crazy about writing viruses this book is not such a disappointment. It incorporates many code snippets into the book, and this code actually reveals the dark side of the virus, and one smart enough and with some knowledge in coding will be able to rebuild the complete viruses. Those who complain about the lack of virus writing skills might better try to figure out the reason in themselves. Anyway, there are a lot of sample viruses within your easy reach on the internet. So why take the trouble to reproduce them here?
And finally I would like to show my thanks for the great effort Peter has spent on this book. For me this book has brought me great pleasure, and it has helped to organize my knowledge about computer viruses in a more systematic manner. For those either new to the area or those professionals, this is a must read and you shouldn't miss it.
The only gripe I have is that it is perhaps not deep enough. While every important aspect of viruses and anti-virus defense is covered, some of them are not covered deeply enough. This is not the author's fault but the publisher's. Originally, the author intended to write two separate volumes (one dedicated to computer viruses and one dedicated to anti-virus defenses), covering in depth every aspect of these two areas. However, the publisher imposed size restrictions on him. Although the book is rather thick (700+ pages), the space is still not enough to cover in sufficient depth every important aspect of this field.
However, each chapter contains references for further reading and the interested reader can do their own research of the aspects that are not covered deeply enough.
In summary: excellent book, useful both as a textbook and as a reference. Great read, information-packed, useful. Just don't expect to find any "how to write a virus" recipes there - fortunately, the author went to great lengths to avoid them.