The art of memory forensics : detecting malware and threats in Windows, Linux, and Mac memory /

Bibliographic Details
Main Authors: Ligh, Michael Hale (Author)
Group Author: Case, Andrew; Levy, Jamie; Walters, Aaron
Published: John Wiley and Sons,
Publisher Address: Indianapolis, Indiana
Publication Dates: [2014]
Literature type: Book
Language: English
Subjects:
Summary: As a follow-up to the best-seller Malware Analyst's Cookbook, experts in IT security bring you a step-by-step guide to memory forensics, now the most sought-after skill in the digital forensics and incident response fields. Beginning with introductory concepts and moving toward the advanced, The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory teaches the art of analysing computer memory (RAM) to solve digital crimes.
Item Description: Includes index.
Carrier Form: xxiii, 886 pages : illustrations ; 24 cm
ISBN: 9781118825099; 1118825098; 9781118825044; 1118825047; 9781118824993; 1118824997
CLC: TP393.08
Call Number: TP393.08/L723
Contents: Machine generated contents note: 1. Systems Overview -- Digital Environment -- PC Architecture -- Operating Systems -- Process Management -- Memory Management -- File System -- I/O Subsystem -- Summary -- 2. Data Structures -- Basic Data Types -- Summary -- 3. The Volatility Framework -- Why Volatility? -- What Volatility Is Not -- Installation -- The Framework -- Using Volatility -- Summary -- 4. Memory Acquisition -- Preserving the Digital Environment -- Software Tools -- Memory Dump Formats -- Converting Memory Dumps -- Volatile Memory on Disk -- Summary -- 5. Windows Objects and Pool Allocations -- Windows Executive Objects -- Pool-Tag Scanning -- Limitations of Pool Scanning -- Big Page Pool -- Pool-Scanning Alternatives -- Summary ...
Contents note continued: Summary.