|
- Authors have investigated & prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader;
- First book to detail how to perform "live forensic" techniques on malicous code;
- In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications & requirements governing the subject matter.
This book covers the emerging and evolving field of "live forensics," where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss "live forensics" on a particular operating system, or in a generic context, this book emphasizes a live forensics & evidence collection methodology on both Windows and Linux operating systems in the context of identifying & capturing malicious code & evidence of its effect on the compromised system.
The book also devotes extensive coverage of the burgeoning forensic field of physical & process memory analysis on both Windows & Linux platforms. This book provides clear & concise guidance as to how to forensically capture & examine physical and process memory as a key investigative step in malicious code forensics.
Prior to this book, competing texts have described malicious code, accounted for its evolutionary history, and in some instances, dedicated a mere chapter or two to analyzing malicious code. | |
