About the Authors

Christopher C. Elisan

Christopher C. Elisan is a veteran of the security industry, having started his career straight out of college in the 1990s. He is a seasoned reverse engineer and malware researcher. He has seen malware develop from the DOS days to the more complicated and sophisticated malware we see today. He is currently the Principal Malware Scientist and senior manager of the Malware Intelligence Team at RSA, The Security Division of EMC.

Elisan is a pioneer of Trend Micro’s TrendLabs, where he started his career as a malware reverse engineer. While there, he held multiple technical and managerial positions. After leaving Trend Micro, Elisan joined F-Secure, where he built and established F-Secure’s Asia R&D and spearheaded multiple projects that included vulnerability discovery, web security, and mobile security. He then joined Damballa, Inc., as a senior threat analyst specializing in malware research. Elisan graduated with a bachelor of science degree in computer engineering and holds the following industry certifications: Certified Ethical Hacker, Microsoft Certified Systems Engineer, Microsoft Certified Systems Administrator, Microsoft Certified Professional, and Certified Scrum Master.

Elisan is considered one of the world’s subject-matter experts when it comes to malware, digital fraud, and cybercrime. He lends his expertise to different law enforcement agencies, and he provides expert opinion about malware, botnets, and advanced persistent threats for leading industry and mainstream publications, including USA Today, San Francisco Chronicle, SC Magazine, InformationWeek, Fox Business, and Dark Reading. He is also a frequent speaker at various security conferences around the globe, including the RSA Conference, SecTor, HackerHalted, TakeDownCon, Toorcon, (ISC)² Security Congress, Rootcon, and B-Sides. He also authored Malware, Rootkits, & Botnets: A Beginner’s Guide (McGraw-Hill Professional, 2012).

When he is not dissecting or talking about malware, Christopher spends time with his kids playing basketball and video games. He and his family also enjoy watching the Atlanta Hawks beat the hell out of their opponents. If time permits, he lives his rock-star dream as a vocalist/guitarist with his local rock band in Atlanta.

You can follow him on Twitter: @Tophs.

Michael A. Davis

Michael A. Davis is CEO of Savid Technologies, Inc., a national technology and security consulting firm. Michael is well known in the open-source security industry because of his porting of security tools to the Windows platforms, including tools like snort, ngrep, dsniff, and honeyd. As a member of the Honeynet Project, he works to develop data and network control mechanisms for Windows-based honeynets. Michael is also the developer of sebek for Windows, a kernel-based data collection and monitoring tool for honeynets. Michael previously worked at McAfee, Inc., a leader in antivirus protection and vulnerability management, as Senior Manager of Global Threats, where he led a team of researchers investigating confidential and cutting-edge security research. Prior to being at McAfee, Michael worked at Foundstone.

Sean M. Bodmer, CISSP, CEH

Sean M. Bodmer is Director of Government Programs at Savid Corporation, Inc. Sean is an active honeynet researcher, specializing in the analysis of signatures, patterns, and the behavior of malware and attackers. Most notably, he has spent several years leading the operations and analysis of advanced intrusion detection systems (honeynets), where the motives and intent of attackers and their tools can be captured and analyzed in order to generate actionable intelligence to further protect customer networks. Sean has worked in various systems security–engineering roles for various federal government entities and private corporations over the past decade in the Washington, D.C., metropolitan area. Sean has also lectured across the United States at industry conferences such as DEFCON, PhreakNIC, DC3, NW3C, Carnegie Mellon CERT, and the Pentagon Security Forum, covering aspects of attacks and attacker assessment profiling to help identify the true motivations and intent behind cyberattacks.

Aaron LeMasters, CISSP, GCIH, CSTP

Aaron LeMasters (M.S., George Washington University) is a security researcher specializing in computer forensics, malware analysis, and vulnerability research. The first five years of his career were spent defending the undefendable DoD networks, and he is now a senior software engineer at Raytheon SI. Aaron enjoys sharing his research at both larger security conferences such as Black Hat and smaller, regional hacker cons like Outerz0ne. He prefers to pacify his short attention span with advanced research and development issues related to Windows internals, system integrity, reverse engineering, and malware analysis. He is an enthusiastic prototypist and enjoys developing tools that complement his research interests. In his spare time, Aaron plays basketball, sketches, jams on his Epiphone Les Paul, and travels frequently to New York City with his wife.

About the Contributing Author

Jason Lord

Jason Lord is currently COO of d3 Services, Ltd., a consulting firm providing cybersecurity solutions. Jason has been active in the information security field for the past 14 years, focusing on computer forensics, incident response, enterprise security, penetration testing, and malicious code analysis. During this time, Jason has responded to several hundred computer forensics and incident response cases globally. He is also an active member of the High Technology Crimes Investigation Association (HTCIA), InfraGard, and the International Systems Security Association (ISSA).

About the Technical Editor

Jong Purisima has been around threats and malware since he analyzed his first malware way back in 1995. Professionally, he started his affiliation with the computer industry by being part of the Virus Doctor team at Trend Micro, where he analyzed malware to generate detection, remediation, and customer-facing malware reports. Since then, he has mostly been involved in Security Labs operations, specifically Technology Product Management, delivering threat-centric security solutions for companies such as Trend Micro, Webroot, GFI-Sunbelt, Cisco, and Malwarebytes.

During his free time, Jong keeps himself busy as an amateur handyman and woodworker and loves hitting the trails and taking road trips, stopping to take photos at the “Welcome to (insert State name here)” signs with his family.