The methods in this book give a view of the state of the art in fighting malware. It is written at a strong technical level for people wanting to detect viruses, worms, Trojans and other net dangers. The authors draw together ideas from a wide variety of sources.
One aspect is that the simple idea of virus signatures is under increasing assault from polymorphic viruses, which make room within their bodies to insert random bit sequences. This means that behavioural detection schemes are becoming more important. In general, these can be much harder to do than simply finding a signature of a file and then comparing it against a blacklist. Signature comparison can be done without running the file, which is a very safe approach. But some behavioural methods might involve running the file in a sandbox, which is more elaborate and carries the possibility that the binary might do unwanted things or even break out of a badly coded sandbox.
You can consider the text as a good sequel to books that have already been out for a few years, like "Malware: Fighting Malicious Code" by Skoudis and Zeltser, or "Counter Hack Reloaded" by Skoudis and Liston. One obstacle might be the list price of $139. Unfortunately, this is typical of the publisher's offerings, which have a specialised and limited audience. Still, the price can be reasonable, if it exposes you to just one new idea that you would not otherwise have encountered.