Malware Forensics Field Guide for Linux Systems

Book Description

Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides

The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a “toolkit” with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a lab.

• A compendium of on-the-job tasks and checklists
• Specific for Linux-based systems in which new malware is developed every day
• Authors are world-renowned leaders in investigating and analyzing malicious code

Table of Contents

Chapter 1. Malware Incident Response: Volatile Data Collection and Examination on a Live Linux System
Chapter 2. Linux Memory Forensics: Analyzing Physical and Process Memory Dumps for Malware Artifacts
Chapter 3. Postmortem Forensics: Discovering and Extracting Malware and Associated Artifacts from Linux Systems
Chapter 4. Legal Considerations
Chapter 5. File Identification and Profiling: Initial Analysis of a Suspect File on a Linux System
Chapter 6. Analysis of a Malware Specimen

中文：

书名：针对Linux系统的恶意软件取证现场指南

针对Linux系统的恶意软件取证现场指南：数字取证现场指南

Synress数字取证现场指南系列包括任何数字和计算机取证调查员和分析师的同伴。每本书都是一个工具包，里面有特定任务的核对表、困难情况的案例研究和专家分析师的提示。这份计算机取证、分析员和调查人员的工具简编以简明的提纲形式提出，并附有补充附录的交叉引用。它旨在以一种易于访问的格式为数字调查员提供清晰而简洁的指导，以应对事件或在实验室进行分析。

• 工作任务和核对表概要
• 特定于每天都在开发新的恶意软件的基于Linux的系统
• 作者是调查和分析恶意代码的世界知名领导者

目录表

第1章恶意软件事件响应：Live Linux系统上的易失性数据收集和检查
第2章Linux内存取证：分析物理和进程内存转储中的恶意软件构件
第三章验尸取证：从Linux系统中发现并提取恶意软件和相关制品
Chapter 4. Legal Considerations
第5章.文件识别和分析：Linux系统上可疑文件的初步分析
第6章：恶意软件样本分析