Matrosov Alex - Rootkits and bootkits: reversing modern malware and next generation threats

  • Book:
    Rootkits and bootkits: reversing modern malware and next generation threats
  • Author:
    Alex Matrosov, Eugene Rodionov, and Sergey Bratus
  • Publisher:
    No Starch Press, Inc
  • Genre:
    Computer
  • Year:
    2019
  • City:
    San Francisco

Rootkits and bootkits: reversing modern malware and next generation threats: summary, description and annotation


Rootkits and Bootkits delivers a master class in malware evolution that will give you the techniques and tools necessary to counter sophisticated, advanced threats. We're talking hard stuff: attacks buried deep in a machine's boot process or UEFI firmware that keep malware analysts up late at night.
Security experts Alex Matrosov, Eugene Rodionov, and Sergey Bratus share the knowledge they've gained over years of professional research. With these field notes, you'll trace malware evolution from rootkits like TDL3 to present-day UEFI implants and examine how this malware infects the system, persists through reboot, and evades security software. While you inspect real malware under the microscope, you'll learn:
- The details of the Windows boot process, from 32-bit to 64-bit and UEFI, and where it is vulnerable.
- Boot process security mechanisms like Secure Boot and the kernel-mode signing policy, including some details about recent technologies like Virtual Secure Mode (VSM) and Device Guard.
- The reverse engineering and forensic approaches for real malware discovered in the wild, including bootkits like Rovnix/Carberp, Gapz, and TDL4 and the infamous rootkits TDL3 and Festi.
- How to perform boot process dynamic analysis using emulation and virtualization.
- Modern BIOS-based rootkits and implants, with directions for forensic analysis.
Cybercrime syndicates and malicious actors keep pushing the envelope, writing ever more persistent and covert attacks. But the game is not lost. Explore the cutting edge of malware analysis with Rootkits and Bootkits.

Covers boot processes for Windows 32-bit and 64-bit operating systems.


ROOTKITS AND BOOTKITS

Reversing Modern Malware and Next Generation Threats

by Alex Matrosov, Eugene Rodionov, and Sergey Bratus

San Francisco

ROOTKITS AND BOOTKITS. Copyright © 2019 by Alex Matrosov, Eugene Rodionov, and Sergey Bratus.

All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owners and the publisher.

ISBN-10: 1-59327-716-4
ISBN-13: 978-1-59327-716-1

Publisher: William Pollock
Production Editor: Laurel Chun
Cover Illustration: Garry Booth
Interior Design: Octopod Studios
Developmental Editors: Liz Chadwick, William Pollock, and Frances Saux
Technical Reviewer: Rodrigo Rubira Branco
Copyeditor: Rachel Monaghan
Compositors: Kassie Andreadis and Britt Bogan
Proofreader: Paula L. Fleming
Indexer: Erica Orloff

For information on distribution, translations, or bulk sales, please contact No Starch Press, Inc. directly:

No Starch Press, Inc.
245 8th Street, San Francisco, CA 94103
phone: 1.415.863.9900;
www.nostarch.com

Library of Congress Control Number: 2018949204

No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurrence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.

The information in this book is distributed on an "As Is" basis, without warranty. While every precaution has been taken in the preparation of this work, neither the authors nor No Starch Press, Inc. shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it.

To our families and to those who made this book possible

About the Authors

Alex Matrosov is a leading offensive security researcher at NVIDIA. He has more than two decades of experience with reverse engineering, advanced malware analysis, firmware security, and exploitation techniques. Before joining NVIDIA, Alex served as Principal Security Researcher at Intel Security Center of Excellence (SeCoE), spent more than six years in the Intel Advanced Threat Research team, and was Senior Security Researcher at ESET. Alex has authored and co-authored numerous research papers and is a frequent speaker at security conferences, including REcon, ZeroNights, Black Hat, DEFCON, and others. Alex received an award from Hex-Rays for his open source plug-in HexRaysCodeXplorer, supported since 2013 by the team at REhint.

Eugene Rodionov, PhD, is a Security Researcher at Intel working in BIOS security for Client Platforms. Before that, Rodionov ran internal research projects and performed in-depth analysis of complex threats at ESET. His fields of interest include firmware security, kernel-mode programming, anti-rootkit technologies, and reverse engineering. Rodionov has spoken at security conferences, such as Black Hat, REcon, ZeroNights, and CARO, and has co-authored numerous research papers.

Sergey Bratus is a Research Associate Professor in the Computer Science Department at Dartmouth College. He has previously worked at BBN Technologies on Natural Language Processing research. Bratus is interested in all aspects of Unix security, in particular Linux kernel security, and detection and reverse engineering of Linux malware.

About the Technical Reviewer

Rodrigo Rubira Branco (BSDaemon) works as Chief Security Researcher at Intel Corporation where he leads the STORM (Strategic Offensive Research and Mitigations) team. Rodrigo released dozens of vulnerabilities in many important technologies and published innovative research in exploitation, reverse engineering, and malware analysis. He is a member of the RISE Security Group and is one of the organizers of the Hackers to Hackers Conference (H2HC), the oldest security research conference in Latin America.

FOREWORD

It is an undeniable fact that malware usage is a growing threat to computer security. We see alarming statistics everywhere demonstrating the increase in malware's financial impact, its complexity, and the sheer number of malicious samples. More security researchers than ever, in both industry and academia, are studying malware and publishing research across a wide spectrum of venues, from blogs and industry conferences to academic settings and books dedicated to the subject. These publications cover all kinds of angles: reverse engineering, best practices, methodology, and best-of-breed toolsets.

Thus, a lot of discussions on malware analysis and automation tooling are already taking place, and every day brings more. So you might be wondering: Why another book on the subject? What does this book bring to the table that others haven't?

First and foremost, while this book is about the reverse engineering of advanced (by which I mean innovative) malware, it covers all the foundational knowledge about why that piece of code in the malware was possible in the first place. This book explains the inner workings of the different components affected, from the platform's boot-up, through the operating system loading to different kernel components, and to the application layer operation, which flows back down into the kernel.

I have found myself more than once explaining that foundational coverage is not the same as basic, although it does need to extend down to the base, the essential building blocks of computing. And by that measure, this book is about more than just malware. It is a discussion of how computers work, how the modern software stack uses both the basic machine capabilities and the user interfaces. Once you know all that, you start automagically understanding how and why things break and how and why they can be abused.

Who better to provide this guidance than authors with a track record of unveiling, on multiple occasions, truly advanced malicious code that pushed the envelope on the state of the art in every case? Add to that the deliberate and laborious effort to connect that experience back to the foundations of computers and the bigger picture, such as how to analyze and understand different problems with similar conceptual characteristics, and it's a no-brainer why this book should be at the top of your reading list.

If the content and methodology chosen more than justify the need for such a book, the next question is why no one took on the challenge of writing one before. I've seen (and had the honor of actively participating in and hopefully contributing to) the evolution of this book, which took several years of constant effort, even with all the raw materials the authors already had. Through that experience, it became clear to me why no one else had tried it before: not only is it hard, but it also requires the right mix of skills (which, given the authors' background, they clearly possess), the right support from the editors (which No Starch offered, working patiently through the editing process and accepting the unavoidable mid-project delays due to the shifting realities of offensive security work), and, last but not least, the enthusiasm of early access readers (who were essential for driving this work toward the finish line).
