The Experts below are selected from a list of 717 Experts worldwide ranked by ideXlab platform
James M Aquilina - One of the best experts on this subject based on the ideXlab platform.
-
Malware Forensics Field Guide for Windows Systems: Digital Forensics Field Guides
2012Co-Authors: Cameron H Malin, Eoghan Casey, James M AquilinaAbstract:The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a "toolkit" with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigatorclear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a lab. A compendium of on-the-job tasks and checklists Specific for Linux-based systems in which new malware is developed every day Authors are world-renowned leaders in investigating and Analyzing Malicious Code Table of Contents Chapter 1. Malware Incident Response: Volatile Data Collection and Examination on a Live Linux System Chapter 2. Memory Forensics: Analyzing Physical and Process Memory Dumps for Malware Artifacts Chapter 3. Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Linux Systems Chapter 4. Legal Considerations Chapter 5. File Identification and Profiling Initial Analysis of a Suspect File on a Linux System Chapter 6. Analysis of a Suspect Program Appendix A: Tool Glossary
-
malware forensics investigating and Analyzing Malicious Code
2008Co-Authors: Cameron H Malin, Eoghan Casey, James M AquilinaAbstract:Malware Forensics: Investigating and Analyzing Malicious Code covers the emerging and evolving field of "live forensics," where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss "live forensics" on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing Malicious Code and evidence of its effect on the compromised system. Malware Forensics: Investigating and Analyzing Malicious Code also devotes extensive coverage of the burgeoning forensic field of physical and process memory analysis on both Windows and Linux platforms. This book provides clear and concise guidance as to how to forensically capture and examine physical and process memory as a key investigative step in Malicious Code forensics. Prior to this book, competing texts have described Malicious Code, accounted for its evolutionary history, and in some instances, dedicated a mere chapter or two to Analyzing Malicious Code. Conversely, Malware Forensics: Investigating and Analyzing Malicious Code emphasizes the practical "how-to" aspect of Malicious Code investigation, giving deep coverage on the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static Code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more. * Winner of Best Book Bejtlich read in 2008!* http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html* Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader.* First book to detail how to perform "live forensic" techniques on malicous Code.* In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter
Aquilina James - One of the best experts on this subject based on the ideXlab platform.
-
Malware Forensics Field Guide for Linux Systems
2013Co-Authors: Malin Cameron, Casey Eoghan, Aquilina JamesAbstract:Malware Forensics Field Guide for Linux Systems is a handy reference that shows students the essential tools needed to do computer forensics analysis at the crime scene. It is part of Syngress Digital Forensics Field Guides, a series of companions for any digital and computer forensic student, investigator or analyst. Each Guide is a toolkit, with checklists for specific tasks, case studies of difficult situations, and expert analyst tips that will aid in recovering data from digital media that will be used in criminal prosecution. This book collects data from all methods of electronic data storage and transfer devices, including computers, laptops, PDAs and the images, spreadsheets and other types of files stored on these devices. It is specific for Linux-based systems, where new malware is developed every day. The authors are world-renowned leaders in investigating and Analyzing Malicious Code. Chapters cover malware incident response - volatile data collection and examination on a live Linux system; analysis of physical and process memory dumps for malware artifacts; post-mortem forensics - discovering and extracting malware and associated artifacts from Linux systems; legal considerations; file identification and profiling initial analysis of a suspect file on a Linux system; and analysis of a suspect program
-
Malware Forensics Field Guide for Windows Systems
2012Co-Authors: Malin Cameron, Casey Eoghan, Aquilina JamesAbstract:Malware Forensics Field Guide for Windows Systems is a handy reference that shows students the essential tools needed to do computer forensics analysis at the crime scene. It is part of Syngress Digital Forensics Field Guides, a series of companions for any digital and computer forensic student, investigator or analyst. Each Guide is a toolkit, with checklists for specific tasks, case studies of difficult situations, and expert analyst tips that will aid in recovering data from digital media that will be used in criminal prosecution. This book collects data from all methods of electronic data storage and transfer devices, including computers, laptops, PDAs and the images, spreadsheets and other types of files stored on these devices. It is specific for Windows-based systems, the largest running OS in the world. The authors are world-renowned leaders in investigating and Analyzing Malicious Code. Chapters cover malware incident response - volatile data collection and examination on a live Windows system; analysis of physical and process memory dumps for malware artifacts; post-mortem forensics - discovering and extracting malware and associated artifacts from Windows systems; legal considerations; file identification and profiling initial analysis of a suspect file on a Windows system; and analysis of a suspect program
Wan-hui Tseng - One of the best experts on this subject based on the ideXlab platform.
-
SAFECOMP - Handling Malicious Code on control systems
Lecture Notes in Computer Science, 2007Co-Authors: Wan-hui TsengAbstract:After the 911 terrorist attacks, the American government thoroughly investigated the vulnerabilities of infrastructure environment and found that the lack of security protection of most automated control systems is a vulnerable point. In order to ensure security in control systems, it is urgent to investigate the issue of potential Malicious Code, especially that made by insiders. This paper first discusses the undecidability of identifying all kinds of Malicious Code on control systems. However, effort to Analyzing Malicious Code pays since it may increase the difficulty of insider attacks and improve the safety and security of the system. This paper then classifies Malicious Codes based on control system characteristics. The potential Malicious Code classifications include time-dependent, data-dependent, behavior-dependent, input-dependent, violation of a certain theorem, and so on. Finally, the paper presents possible approaches to prevention and detection of Malicious Code on control systems.
Cameron H Malin - One of the best experts on this subject based on the ideXlab platform.
-
Malware Forensics Field Guide for Windows Systems: Digital Forensics Field Guides
2012Co-Authors: Cameron H Malin, Eoghan Casey, James M AquilinaAbstract:The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a "toolkit" with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigatorclear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a lab. A compendium of on-the-job tasks and checklists Specific for Linux-based systems in which new malware is developed every day Authors are world-renowned leaders in investigating and Analyzing Malicious Code Table of Contents Chapter 1. Malware Incident Response: Volatile Data Collection and Examination on a Live Linux System Chapter 2. Memory Forensics: Analyzing Physical and Process Memory Dumps for Malware Artifacts Chapter 3. Post-Mortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Linux Systems Chapter 4. Legal Considerations Chapter 5. File Identification and Profiling Initial Analysis of a Suspect File on a Linux System Chapter 6. Analysis of a Suspect Program Appendix A: Tool Glossary
-
malware forensics investigating and Analyzing Malicious Code
2008Co-Authors: Cameron H Malin, Eoghan Casey, James M AquilinaAbstract:Malware Forensics: Investigating and Analyzing Malicious Code covers the emerging and evolving field of "live forensics," where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss "live forensics" on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing Malicious Code and evidence of its effect on the compromised system. Malware Forensics: Investigating and Analyzing Malicious Code also devotes extensive coverage of the burgeoning forensic field of physical and process memory analysis on both Windows and Linux platforms. This book provides clear and concise guidance as to how to forensically capture and examine physical and process memory as a key investigative step in Malicious Code forensics. Prior to this book, competing texts have described Malicious Code, accounted for its evolutionary history, and in some instances, dedicated a mere chapter or two to Analyzing Malicious Code. Conversely, Malware Forensics: Investigating and Analyzing Malicious Code emphasizes the practical "how-to" aspect of Malicious Code investigation, giving deep coverage on the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static Code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more. * Winner of Best Book Bejtlich read in 2008!* http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html* Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader.* First book to detail how to perform "live forensic" techniques on malicous Code.* In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter
Malin Cameron - One of the best experts on this subject based on the ideXlab platform.
-
Malware Forensics Field Guide for Linux Systems
2013Co-Authors: Malin Cameron, Casey Eoghan, Aquilina JamesAbstract:Malware Forensics Field Guide for Linux Systems is a handy reference that shows students the essential tools needed to do computer forensics analysis at the crime scene. It is part of Syngress Digital Forensics Field Guides, a series of companions for any digital and computer forensic student, investigator or analyst. Each Guide is a toolkit, with checklists for specific tasks, case studies of difficult situations, and expert analyst tips that will aid in recovering data from digital media that will be used in criminal prosecution. This book collects data from all methods of electronic data storage and transfer devices, including computers, laptops, PDAs and the images, spreadsheets and other types of files stored on these devices. It is specific for Linux-based systems, where new malware is developed every day. The authors are world-renowned leaders in investigating and Analyzing Malicious Code. Chapters cover malware incident response - volatile data collection and examination on a live Linux system; analysis of physical and process memory dumps for malware artifacts; post-mortem forensics - discovering and extracting malware and associated artifacts from Linux systems; legal considerations; file identification and profiling initial analysis of a suspect file on a Linux system; and analysis of a suspect program
-
Malware Forensics Field Guide for Windows Systems
2012Co-Authors: Malin Cameron, Casey Eoghan, Aquilina JamesAbstract:Malware Forensics Field Guide for Windows Systems is a handy reference that shows students the essential tools needed to do computer forensics analysis at the crime scene. It is part of Syngress Digital Forensics Field Guides, a series of companions for any digital and computer forensic student, investigator or analyst. Each Guide is a toolkit, with checklists for specific tasks, case studies of difficult situations, and expert analyst tips that will aid in recovering data from digital media that will be used in criminal prosecution. This book collects data from all methods of electronic data storage and transfer devices, including computers, laptops, PDAs and the images, spreadsheets and other types of files stored on these devices. It is specific for Windows-based systems, the largest running OS in the world. The authors are world-renowned leaders in investigating and Analyzing Malicious Code. Chapters cover malware incident response - volatile data collection and examination on a live Windows system; analysis of physical and process memory dumps for malware artifacts; post-mortem forensics - discovering and extracting malware and associated artifacts from Windows systems; legal considerations; file identification and profiling initial analysis of a suspect file on a Windows system; and analysis of a suspect program
