The Art of Memory Forensics Front Cover

The Art of Memory Forensics

by , , ,
  • Length: 912 pages
  • Edition: 1
  • Publisher:
  • Publication Date: 2014-07-28
  • ISBN-10: 1118825098
  • ISBN-13: 9781118825099
  • Sales Rank: #95241 (See Top 100 Books)
0
0 ratings
Print Book Look Inside
Description

The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory

Memory forensics provides cutting edge technology to help investigate digital attacks

Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes. As a follow-up to the best seller Malware Analyst’s Cookbook, experts in the fields of malware, security, and digital forensics bring you a step-by-step guide to memory forensics—now the most sought after skill in the digital forensics and incident response fields.

Beginning with introductory concepts and moving toward the advanced, The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory is based on a five day training course that the authors have presented to hundreds of students. It is the only book on the market that focuses exclusively on memory forensics and how to deploy such techniques properly. Discover memory forensics techniques:

  • How volatile memory analysis improves digital investigations
  • Proper investigative steps for detecting stealth malware and advanced threats
  • How to use free, open source tools for conducting thorough memory forensics
  • Ways to acquire memory from suspect systems in a forensically sound manner

The next era of malware and security breaches are more sophisticated and targeted, and the volatile memory of a computer is often overlooked or destroyed as part of the incident response process. The Art of Memory Forensics explains the latest technological innovations in digital forensics to help bridge this gap. It covers the most popular and recently released versions of Windows, Linux, and Mac, including both the 32 and 64-bit editions.

Table of Contents

Part I: An Introduction to Memory Forensics
Chapter 1: Systems Overview
Chapter 2: Data Structures
Chapter 3: The Volatility Framework
Chapter 4: Memory Acquisition

Part II: Windows Memory Forensics
Chapter 5: Windows Objects and Pool Allocations
Chapter 6: Processes, Handles, and Tokens
Chapter 7: Process Memory Internals
Chapter 8: Hunting Malware in Process Memory
Chapter 9: Event Logs
Chapter 10: Registry in Memory
Chapter 11: Networking
Chapter 12: Windows Services
Chapter 13: Kernel Forensics and Rootkits
Chapter 14: Windows GUI Subsystem, Part I
Chapter 15: Windows GUI Subsystem, Part II
Chapter 16: Disk Artifacts in Memory
Chapter 17: Event Reconstruction
Chapter 18: Timelining

Part III: Linux Memory Forensics
Chapter 19: Linux Memory Acquisition
Chapter 20: Linux Operating System
Chapter 21: Processes and Process Memory
Chapter 22: Networking Artifacts
Chapter 23: Kernel Memory Artifacts
Chapter 24: File Systems in Memory
Chapter 25: Userland Rootkits
Chapter 26: Kernel Mode Rootkits
Chapter 27: Case Study: Phalanx2

Part IV: Mac Memory Forensics
Chapter 28: Mac Acquisition and Internals
Chapter 29: Mac Memory Overview
Chapter 30: Malicious Code and Rootkits
Chapter 31: Tracking User Activity

Free ChaptersTry Audible and Get Two Free Audiobooks »
To access the link, solve the captcha.
Recommended BooksMore Similar Books »
Bypassing Memory Encryption: A Simpler, Non-Technical General Reading for Knowledge Hackers (Ethical Hacking and Penetration Testing) Cover
Bypassing Memory Encryption: A Simpler, Non-Technical General Reading for Knowledge Hackers (Ethical Hacking and Penetration Testing)
2024-03-14
0
Security-Driven Software Development: Learn to analyze and mitigate risks in your software projects Cover
Security-Driven Software Development: Learn to analyze and mitigate risks in your software projects
2024-03-15
1
Mastering HIPAA: A Comprehensive Guide to Learn HIPAA Cover
Mastering HIPAA: A Comprehensive Guide to Learn HIPAA
2023-11-04
0
CompTIA CySA+ Study Guide: The Easiest and Most Comprehensive Resource to Ace the Cybersecurity Analyst Exam |1-ON-1 SUPPORT| AUDIO VERSION |CASE STUDIES | STUDY AIDS and EXTRA RESOURCES (CS0-003) Cover
CompTIA CySA+ Study Guide: The Easiest and Most Comprehensive Resource to Ace the Cybersecurity Analyst Exam |1-ON-1 SUPPORT| AUDIO VERSION |CASE STUDIES | STUDY AIDS and EXTRA RESOURCES (CS0-003)
2024-03-10
0
Mastering Microsoft Intune, 2nd Edition: Deploy Windows 11, Windows 365 via Microsoft Intune, Copilot and Advance Management via Intune Suite Cover
Mastering Microsoft Intune, 2nd Edition: Deploy Windows 11, Windows 365 via Microsoft Intune, Copilot and Advance Management via Intune Suite
2024-03-13
0
The Cybersecurity Guide to Governance, Risk, and Compliance Cover
The Cybersecurity Guide to Governance, Risk, and Compliance
2024-05-28
0
Active Directory and PowerShell for Jobseekers: Learn how to create, manage, and secure user accounts Cover
Active Directory and PowerShell for Jobseekers: Learn how to create, manage, and secure user accounts
2024-02-09
0
HACKING WITH KALI LINUX WIRELESS PENETRATION Cover
HACKING WITH KALI LINUX WIRELESS PENETRATION
2024-02-16
0
Subscribe
Categories
Tags