Bratus Sergey - Rootkits and bootkits: reversing modern malware and next generation threats

  • Book: Rootkits and bootkits: reversing modern malware and next generation threats
  • Authors: Alex Matrosov, Eugene Rodionov, and Sergey Bratus
  • Publisher: No Starch Press
  • Year: 2019
  • City: San Francisco, California

Rootkits and Bootkits will teach you how to understand and counter sophisticated, advanced threats buried deep in a machine's boot process or UEFI firmware.
With the aid of numerous case studies and professional research from three of the world's leading security experts, you'll trace malware development over time from rootkits like TDL3 to present-day UEFI implants and examine how they infect a system, persist through reboot, and evade security software. As you inspect and dissect real malware, you'll learn:
How Windows boots, including 32-bit, 64-bit, and UEFI mode, and where to find vulnerabilities
The details of boot process security mechanisms like Secure Boot, including an overview of Virtual Secure Mode (VSM) and Device Guard
Reverse engineering and forensic techniques for analyzing real malware, including bootkits like Rovnix/Carberp, Gapz, TDL4, and the infamous rootkits TDL3 and Festi
How to perform static and...

Contents in Detail
ROOTKITS AND BOOTKITS

Reversing Modern Malware and Next Generation Threats

by Alex Matrosov, Eugene Rodionov, and Sergey Bratus


San Francisco

ROOTKITS AND BOOTKITS. Copyright © 2019 by Alex Matrosov, Eugene Rodionov, and Sergey Bratus.

All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owners and the publisher.

ISBN-10: 1-59327-716-4
ISBN-13: 978-1-59327-716-1

Publisher: William Pollock
Production Editor: Laurel Chun
Cover Illustration: Garry Booth
Interior Design: Octopod Studios
Developmental Editors: Liz Chadwick, William Pollock, and Frances Saux
Technical Reviewer: Rodrigo Rubira Branco
Copyeditor: Rachel Monaghan
Compositors: Kassie Andreadis and Britt Bogan
Proofreader: Paula L. Fleming
Indexer: Erica Orloff

For information on distribution, translations, or bulk sales, please contact No Starch Press, Inc. directly:

No Starch Press, Inc.
245 8th Street, San Francisco, CA 94103
phone: 1.415.863.9900;
www.nostarch.com

Library of Congress Control Number: 2018949204

No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurrence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.

The information in this book is distributed on an "As Is" basis, without warranty. While every precaution has been taken in the preparation of this work, neither the authors nor No Starch Press, Inc. shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it.

To our families and to those who made this book possible

About the Authors

Alex Matrosov is a leading offensive security researcher at NVIDIA. He has more than two decades of experience with reverse engineering, advanced malware analysis, firmware security, and exploitation techniques. Before joining NVIDIA, Alex served as Principal Security Researcher at Intel Security Center of Excellence (SeCoE), spent more than six years in the Intel Advanced Threat Research team, and was Senior Security Researcher at ESET. Alex has authored and co-authored numerous research papers and is a frequent speaker at security conferences, including REcon, ZeroNights, Black Hat, DEFCON, and others. Alex received an award from Hex-Rays for his open source plug-in HexRaysCodeXplorer, supported since 2013 by the team at REhint.

Eugene Rodionov, PhD, is a Security Researcher at Intel working in BIOS security for Client Platforms. Before that, Rodionov ran internal research projects and performed in-depth analysis of complex threats at ESET. His fields of interest include firmware security, kernel-mode programming, anti-rootkit technologies, and reverse engineering. Rodionov has spoken at security conferences, such as Black Hat, REcon, ZeroNights, and CARO, and has co-authored numerous research papers.

Sergey Bratus is a Research Associate Professor in the Computer Science Department at Dartmouth College. He has previously worked at BBN Technologies on Natural Language Processing research. Bratus is interested in all aspects of Unix security, in particular Linux kernel security, and detection and reverse engineering of Linux malware.

About the Technical Reviewer

Rodrigo Rubira Branco (BSDaemon) works as Chief Security Researcher at Intel Corporation where he leads the STORM (Strategic Offensive Research and Mitigations) team. Rodrigo released dozens of vulnerabilities in many important technologies and published innovative research in exploitation, reverse engineering, and malware analysis. He is a member of the RISE Security Group and is one of the organizers of the Hackers to Hackers Conference (H2HC), the oldest security research conference in Latin America.

BRIEF CONTENTS
FOREWORD

It is an undeniable fact that malware usage is a growing threat to computer security. We see alarming statistics everywhere demonstrating the increase in malware's financial impact, its complexity, and the sheer number of malicious samples. More security researchers than ever, in both industry and academia, are studying malware and publishing research across a wide spectrum of venues, from blogs and industry conferences to academic settings and books dedicated to the subject. These publications cover all kinds of angles: reverse engineering, best practices, methodology, and best-of-breed toolsets.

Thus, a lot of discussions on malware analysis and automation tooling are already taking place, and every day brings more. So you might be wondering: Why another book on the subject? What does this book bring to the table that others haven't?

First and foremost, while this book is about the reverse engineering of advanced (by which I mean innovative) malware, it covers all the foundational knowledge about why that piece of code in the malware was possible in the first place. This book explains the inner workings of the different components affected: from the platform's boot-up, through the operating system loading to different kernel components, and to the application layer operation, which flows back down into the kernel.

I have found myself more than once explaining that foundational coverage is not the same as basic, although it does need to extend down to the base, the essential building blocks of computing. And by that measure, this book is about more than just malware. It is a discussion of how computers work, how the modern software stack uses both the basic machine capabilities and the user interfaces. Once you know all that, you start automagically understanding how and why things break and how and why they can be abused.

Who better to provide this guidance than authors with a track record of unveiling, on multiple occasions, truly advanced malicious code that pushed the envelope on the state of the art in every case? Add to that the deliberate and laborious effort to connect that experience back to the foundations of computers and the bigger picture, such as how to analyze and understand different problems with similar conceptual characteristics, and it's a no-brainer why this book should be at the top of your reading list.

If the content and methodology chosen more than justify the need for such a book, the next question is why no one took on the challenge of writing one before. I've seen (and had the honor of actively participating in and hopefully contributing to) the evolution of this book, which took several years of constant effort, even with all the raw materials the authors already had. Through that experience, it became clear to me why no one else had tried it before: not only is it hard, but it also requires the right mix of skills (which, given the authors' background, they clearly possess), the right support from the editors (which No Starch offered, working patiently through the editing process and accepting the unavoidable mid-project delays due to the shifting realities of offensive security work), and, last but not least, the enthusiasm of early access readers (who were essential for driving this work toward the finish line).
