Rootkits and Bootkits will teach you how to understand and counter sophisticated, advanced threats buried deep in a machine’s boot process or UEFI firmware.
With the aid of numerous case studies and professional research from three of the world’s leading security experts, you’ll trace malware development over time from rootkits like TDL3 to present-day UEFI implants and examine how they infect a system, persist through reboot, and evade security software. As you inspect and dissect real malware, you’ll learn:
• How Windows boots—including 32-bit, 64-bit, and UEFI mode—and where to find vulnerabilities
• The details of boot process security mechanisms like Secure Boot, including an overview of Virtual Secure Mode (VSM) and Device Guard
• Reverse engineering and forensic techniques for analyzing real malware, including bootkits like Rovnix/Carberp, Gapz, TDL4, and the infamous rootkits TDL3 and Festi
• How to perform static and dynamic analysis using emulation and tools like Bochs and IDA Pro
• How to better understand the delivery stage of threats against BIOS and UEFI firmware in order to create detection capabilities
• How to use virtualization tools like VMware Workstation to reverse engineer bootkits and the Intel Chipsec tool to dig into forensic analysis
Cybercrime syndicates and malicious actors will continue to write ever more persistent and covert attacks, but the game is not lost. Explore the cutting edge of malware analysis with Rootkits and Bootkits.
Covers boot processes for Windows 32-bit and 64-bit operating systems.
Le informazioni nella sezione "Riassunto" possono far riferimento a edizioni diverse di questo titolo.
Alex Matrosov is a leading offensive security researcher at NVIDIA. He has more than two decades of experience with reverse engineering, advanced malware analysis, firmware security, and exploitation techniques. Before joining NVIDIA, Alex served as Principal Security Researcher at Intel Security Center of Excellence (SeCoE), spent more than six years in the Intel Advanced Threat Research team, and was Senior Security Researcher at ESET. Alex has authored and co-authored numerous research papers and is a frequent speaker at security conferences, including REcon, ZeroNights, Black Hat, DEFCON, and others. Alex received an award from Hex-Rays for his open source plug-in HexRaysCodeXplorer, supported since 2013 by the team at REhint.
Eugene Rodionov, PhD, is a Security Researcher at Intel working in BIOS security for Client Platforms. Before that, Rodionov ran internal research projects and performed in-depth analysis of complex threats at ESET. His fields of interest include firmware security, kernel-mode programming, anti-rootkit technologies, and reverse engineering. Rodionov has spoken at security conferences, such as Black Hat, REcon, ZeroNights, and CARO, and has co-authored numerous research papers.
Sergey Bratus is a Research Associate Professor in the Computer Science Department at Dartmouth College. He has previously worked at BBN Technologies on Natural Language Processing research. Bratus is interested in all aspects of Unix security, in particular Linux kernel security, and detection and reverse engineering of Linux malware.
Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.
Da: HPB-Red, Dallas, TX, U.S.A.
Paperback. Condizione: Good. Connecting readers with great books since 1972! Used textbooks may not include companion materials such as access codes, etc. May have some wear or writing/highlighting. We ship orders daily and Customer Service is our top priority! Codice articolo S_460593675
Quantità: 1 disponibili
Da: HPB-Red, Dallas, TX, U.S.A.
Paperback. Condizione: Acceptable. Connecting readers with great books since 1972. Used textbooks may not include companion materials such as access codes, etc. May have condition issues including wear and notes/highlighting. We ship orders daily and Customer Service is our top priority! Codice articolo S_443247021
Quantità: 1 disponibili
Da: World of Books (was SecondSale), Montgomery, IL, U.S.A.
Condizione: Good. Item in good condition. Textbooks may not include supplemental items i.e. CDs, access codes etc. Codice articolo 00101238147
Quantità: 1 disponibili
Da: ThriftBooks-Dallas, Dallas, TX, U.S.A.
Paperback. Condizione: Good. No Jacket. Former library book; Pages can have notes/highlighting. Spine may show signs of wear. ~ ThriftBooks: Read More, Spend Less. Codice articolo G1593277164I3N10
Quantità: 1 disponibili
Da: Big River Books, Powder Springs, GA, U.S.A.
Condizione: good. This book is in good condition. The cover has minor creases or bends. The binding is tight and pages are intact. Some pages may have writing or highlighting. Codice articolo BRV.1593277164.G
Quantità: 1 disponibili
Da: Isle of Books, Bozeman, MT, U.S.A.
Paper Back. Condizione: Good. Codice articolo 596545
Quantità: 1 disponibili
Da: Better World Books Ltd, Dunfermline, Regno Unito
Condizione: Very Good. Pages intact with possible writing/highlighting. Binding strong with minor wear. Dust jackets/supplements may not be included. Stock photo provided. Product includes identifying sticker. Better World Books: Buy Books. Do Good. Codice articolo 18907039-6
Quantità: 3 disponibili
Da: Better World Books, Mishawaka, IN, U.S.A.
Condizione: Good. Pages intact with minimal writing/highlighting. The binding may be loose and creased. Dust jackets/supplements are not included. Stock photo provided. Product includes identifying sticker. Better World Books: Buy Books. Do Good. Codice articolo 57679916-6
Quantità: 1 disponibili
Da: GreatBookPrices, Columbia, MD, U.S.A.
Condizione: New. Codice articolo 30706308-n
Quantità: 15 disponibili
Da: INDOO, Avenel, NJ, U.S.A.
Condizione: New. Codice articolo 9781593277161
Quantità: Più di 20 disponibili