
Metula - Managed Code Rootkits: Hooking into Runtime Environments

City: Saint Louis, year: 2014, publisher: Elsevier Science, genre: Computer.


Metula Managed Code Rootkits: Hooking into Runtime Environments
  • Book:
    Managed Code Rootkits: Hooking into Runtime Environments
  • Author:
    Erez Metula
  • Publisher:
    Elsevier Science
  • Genre:
    Computer
  • Year:
    2014
  • City:
    Saint Louis

Managed Code Rootkits: Hooking into Runtime Environments: summary, description and annotation


Endnote -- Chapter 7. Automated Framework Modification -- What is ReFrameworker? -- ReFrameworker Modules Concept -- Using the Tool -- Developing New Modules -- Setting Up the Tool -- Summary -- Chapter 8. Advanced Topics -- Object-Oriented-Aware Malware -- Thread Injection -- State Manipulation -- Covering the Traces As Native Code -- Summary -- Part III: Countermeasures -- Chapter 9. Defending against MCRs -- What Can We Do about This Kind of Threat? -- Awareness: Malware Is Everybody's Problem -- The Prevention Approach -- The Detection Approach -- The Response Approach.

Endnote -- Part IV: Where Do We Go from Here? -- Chapter 10. Other Uses of Runtime Modification -- Runtime Modification As an Alternative Problem-Solving Approach -- Runtime Hardening -- Summary -- Index.

Managed Code Rootkits is the first book to cover application-level rootkits and other types of malware inside the application VM, which runs a platform-independent programming environment for processes. The book, divided into four parts, points out high-level attacks, which are developed in intermediate language. The initial part of the book offers an overview of managed code rootkits. It explores environment models of managed code and the relationship of managed code to rootkits by studying how they use application VMs. It also discusses attackers of managed code rootkits and various attack scenarios. The second part of the book covers the development of managed code rootkits, starting with the tools used in producing managed code rootkits through their deployment. The next part focuses on countermeasures that can possibly be used against managed code rootkits, including technical solutions, prevention, detection, and response tactics. The book concludes by presenting techniques that are somewhat similar to managed code rootkits, which can be used in solving problems.

  • Named a 2011 Best Hacking and Pen Testing Book by InfoSec Reviews
  • Introduces the reader briefly to managed code environments and rootkits in general
  • Completely details a new type of rootkit hiding in the application level and demonstrates how a hacker can change language runtime implementation
  • Focuses on managed code including Java, .NET, Android Dalvik and reviews malware development scenarios


Managed Code Rootkits

Hooking into Runtime Environments

Erez Metula

Syngress

Front Matter


AMSTERDAM BOSTON HEIDELBERG LONDON
NEW YORK OXFORD PARIS SAN DIEGO
SAN FRANCISCO SINGAPORE SYDNEY TOKYO

Syngress is an imprint of Elsevier

Copyright

Acquiring Editor: Rachel Roumeliotis

Development Editor: Matthew Cater

Project Manager: Laura Smith

Designer: Kristen Davis

Syngress is an imprint of Elsevier

30 Corporate Drive, Suite 400, Burlington, MA 01803, USA

© 2011 Elsevier, Inc. All rights reserved.

No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher's permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.

This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).

Notices

Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices, may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.

To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.

Library of Congress Cataloging-in-Publication Data

Metula, Erez.

Managed code rootkits : hooking into runtime environments / Erez Metula.

p. cm.

Includes bibliographical references and index.

Summary: Introduces the reader briefly to managed code environments and rootkits in general. Completely details a new type of rootkit hiding in the application level and demonstrates how a hacker can change language runtime implementation. Focuses on managed code including Java, .Net, Android Dalvik, and reviews malware development scenarios -- Provided by publisher.

ISBN 978-1-59749-574-5

1. Computers -- Access control. 2. Virtual computer systems -- Security measures. 3. Rootkits (Computer software) 4. Common Language Runtime (Computer science) 5. Computer security. I. Title.

QA76.9.A25M487 2010

005.8--dc22

2010036631

British Library Cataloguing-in-Publication Data

A catalogue record for this book is available from the British Library.

ISBN: 978-1-59749-574-5

Printed in the United States of America

10 11 12 13 14 10 9 8 7 6 5 4 3 2 1

Typeset by: diacriTech, India

For information on all Syngress publications visit our website at www.syngress.com

Acknowledgements

This book was written in about half a year, during which I invested all my spare time outside work writing, investigating, doing some experiments, coding some cool examples and eventually wrapping it all up into a book that presents the reader with an exciting idea. The writing of this book was made possible with the help of some special people, for which I would like to say thank you.

I want to thank my parents for their education, providing me with the strong feeling that knowledge is one of the most important things in life, and especially my mom who invested time, energy, and money in my education when I was very young. She always gave me the freedom to do what I felt right and to make my own decisions in life. She led me to learn new things, and encouraged me to broaden my horizons and explore untamed lands, experiences that this book wouldn't be written without.

Special thanks goes to my wife Yaarit, for her support during the countless hours (especially on weekends) devoted for authoring this book. Thanks for your understanding, allowing me to lock myself up in the office while working on the book rather than spending more time with you. I owe you for that, and thanks for all your help. This book could not have been completed without your support; you are one of a kind! And now that the writing is over, I will finally have my time back to share with you and our baby.

Thanks to Rachel Roumeliotis and Matthew Cater at Syngress who helped me along the long journey of making this book a reality. Rachel, thanks for approaching me after my presentation at Black Hat and suggesting I write a book on that topic. I didn't think about it before your suggestion. Matt, thanks for all the countless hours you invested in editing my raw chapters; you are an editor that every author should wish for.

I also want to thank Michael Howard, who I was honored to have as the technical editor for my book. Thank you for sharing your great knowledge as an expert in the field of application security and your experience as an author who wrote a couple of books in his life, your comments and suggestions were invaluable. The book would definitely look different without you.

About the Author

Erez Metula is an application security researcher specializing in secure development practices, penetration testing, code reviews, and security training for developers. He has extensive hands-on experience performing security assessments and training for organizations worldwide.

Erez is the founder of AppSec. He is also a leading instructor at many information security training sessions. He is a constant speaker at security conferences, and has spoken at Black Hat, DEF CON, CanSecWest, OWASP and more.

He holds a CISSP certification and is working toward an M.Sc. in computer science.

Part I

Overview

Chapter 1 Introduction

Information in this chapter

Malware is software designed to perform malicious activities on victims' machines without their consent. Attackers use malware to spy on their victims, control their machines, steal sensitive information, and even make their victims' machines act as bridges to internal networks. Rootkits are a type of malware originally designed to allow attackers to manipulate important parts of the UNIX operating system so that they could gain administrative (root) access to a victim's machine. But rootkits have evolved, and today they're targeted at such layers of the computational model as the kernel, hardware, and hypervisor. This book focuses on managed code rootkits, which are application-level rootkits hidden inside managed code environment libraries and designed to let attackers manipulate applications so they perform tasks not originally intended by the application's developer. After a general discussion of malware, this chapter explains what managed code rootkits are and what attackers can do with them.
