Malware, rootkits & botnets : a beginner's guide /

Bibliographic Details
Author / Creator:Elisan, Christopher C.
Imprint:New York : McGraw-Hill, ©2013.
Description:1 online resource (1 volume) : illustrations
Language:English
Format: E-Resource Book
URL for this record:http://pi.lib.uchicago.edu/1001/cat/bib/13608919
Hidden Bibliographic Details
Varying Form of Title:Malware, rootkits and botnets
Other authors / contributors:Hypponen, Mikko.
ISBN:9780071792059
0071792058
128357893X
9781283578936
9780071792066
0071792066
Notes:"Foreword by Mikko Hypponen"--Cover.
Includes bibliographical references and index.
Print version record.
Summary:Security Smarts for the Self-Guided IT Professional

Learn how to improve the security posture of your organization and defend against some of the most pervasive network attacks. Malware, Rootkits & Botnets: A Beginner's Guide explains the nature, sophistication, and danger of these risks and offers best practices for thwarting them. After reviewing the current threat landscape, the book describes the entire threat lifecycle, explaining how cybercriminals create, deploy, and manage the malware, rootkits, and botnets under their control. You'll learn proven techniques for identifying and mitigating these malicious attacks. Templates, checklists, and examples give you the hands-on help you need to get started protecting your network right away.

Malware, Rootkits & Botnets: A Beginner's Guide features:
  • Lingo -- Common security terms defined so that you're in the know on the job
  • IMHO -- Frank and relevant opinions based on the author's years of industry experience
  • Budget Note -- Tips for getting security technologies and processes into your organization's budget
  • In Actual Practice -- Exceptions to the rules of security explained in real-world contexts
  • Your Plan -- Customizable checklists you can use on the job now
  • Into Action -- Tips on how, why, and when to apply new skills and techniques at work
Other form:Print version: Elisan, Christopher C. Malware, rootkits & botnets. New York. : McGraw-Hill, ©2013 9780071792066
Table of Contents:
  • Cover
  • Title Page
  • Copyright Page
  • About the Author
  • About the Technical Editors
  • Contents at a Glance
  • Contents
  • Acknowledgments
  • Foreword
  • Introduction
  • Why This Book?
  • Who Should Read This Book
  • What This Book Covers
  • How to Use This Book
  • How This Book Is Organized
  • Part I
  • Part II
  • Part IV
  • About the Series
  • Lingo
  • IMHO
  • Budget Note
  • In Actual Practice
  • Your Plan
  • Into Action
  • Part I: Establishing the Foundation
  • Chapter 1: Getting In Gear
  • A Malware Encounter
  • A Brief Overview of the Threat Landscape
  • Threat to National Security
  • Starting the Journey
  • We've Covered
  • References
  • Chapter 2: A Brief History of Malware
  • Computer Viruses
  • Classification of Computer Viruses
  • Early Challenges
  • Malware
  • Classification of Malware
  • Evolution of Malware
  • Riskware
  • Classification of Riskware
  • Malware Creation Kits
  • The Impact of Malware
  • We've Covered
  • Chapter 3: Cloak of the Rootkit
  • What Is a Rootkit?
  • Environment Mechanics
  • The Operating System Kernel
  • User Mode and Kernel Mode
  • Rings
  • Switching from User Mode to Kernel Mode
  • Types of Rootkits
  • User-Mode Rootkits
  • Kernel-Mode Rootkits
  • Rootkit Techniques
  • Hooking
  • DLL Injection
  • Direct Kernel Object Manipulation
  • Tackling Rootkits
  • We've Covered
  • Chapter 4: Rise of the Botnets
  • What Is a Botnet?
  • Main Characteristics
  • Key Components
  • C&C Structure
  • Botnet Usage
  • Distributed Denial of Service Attack
  • Click Fraud
  • Spam Relay
  • Pay-Per-Install Agent
  • Large-Scale Information Harvesting
  • Information Processing
  • Botnet Protective Mechanisms
  • Bulletproof Hosting
  • Dynamic DNS
  • Fast Fluxing
  • Domain Fluxing
  • The Fight Against Botnets
  • The Technical Front
  • The Legal Front
  • We've Covered
  • References
  • Part II: Welcome to the Jungle
  • Chapter 5: The Threat Ecosystem
  • The Threat Ecosystem
  • The Technical Element
  • The Human Element
  • The Evolution of the Threat Ecosystem
  • Advanced Persistent Threat
  • The Attack Method
  • The Attack Profitability
  • Malware Economy
  • Malware Outsourcing
  • We've Covered
  • Chapter 6: The Malware Factory
  • The Need to Evade Antivirus
  • Malware Incident Handling Process
  • Malware Detection
  • Circumventing the Antivirus Product
  • The Need for an Army of Malware
  • Next-Generation Malware Kits
  • Stand-Alone Armoring Tools
  • The Impact of an Armored Army of Malware
  • The Malware Factory
  • The Malware Assembly Line
  • The Proliferation of Attacker Tools
  • Malware Population Explosion
  • We've Covered
  • Chapter 7: Infection Vectors
  • Infection Vectors
  • Physical Media
  • E-mail
  • Instant Messaging and Chat
  • Social Networking
  • URL Links
  • File Shares
  • Software Vulnerabilities
  • The Potential of Becoming an Infection Vector
  • We've Covered
  • Chapter 8: The Compromised System
  • The Malware Infection Process
  • Installation of Malware Files
  • Setting Up Malware Persistency
  • Removing Evidence of the Malware Installer
  • Passing Control to the Malware
  • The Active Malware
  • Maintaining the Foothold
  • Communicating with the Attacker
  • Executing the Payload
  • We've Covered
  • Part III: The Enterprise Strikes Back
  • Chapter 9: Protecting the Organization
  • The Threat Incident Responders
  • Understanding the Value of the System
  • Value to the Organization
  • Value to the Attacker
  • Understanding the Characteristics of the System
  • System Type
  • Operational Impact
  • Sensitivity of Hosted Data
  • Users of the System
  • Network Location
  • Accessibility to the Asset
  • Asset Access Rights
  • Recovery
  • System Status
  • Prioritizing the Systems
  • The Organization's Security Posture
  • Understanding the Cost of Compromise
  • Direct Cost
  • Indirect Cost
  • Protecting the Systems
  • Threat Modeling
  • Identifying the Appropriate Solutions
  • Proactive Threat Detection
  • Creating an Incident Response Plan
  • Identify Different Compromise Scenarios
  • Identify Solution Patterns
  • Define Roles and Responsibilities
  • Establish Protocols
  • Conduct Periodic Dry-Runs
  • Review and Improve
  • Putting Everything into Action
  • Beyond Protection
  • We've Covered
  • Chapter 10: Detecting the Threat
  • Establishing a Baseline
  • Establishing a Network Baseline
  • Establishing a Host Baseline
  • Detecting Anomalies
  • Detecting Network Anomalies
  • Detecting Host Anomalies
  • Isolating the Source of the Anomaly
  • Diving into the Compromised Asset
  • Pinpointing the Malware
  • Classifying the Malware Based on Its Attack Directive
  • We've Covered
  • Chapter 11: Mitigating the Threat
  • Threat Mitigation
  • Immediate Response
  • Containment
  • Verification
  • Threat Detection and Classification
  • Remediation and Restoration
  • Proactive Response
  • Preventive Measures
  • Conducting a Periodic Security Audit
  • The Threat from Insiders
  • Who Are the Insider Threats?
  • Mitigating the Insider Threat
  • Be Vigilant
  • We've Covered
  • Part IV: Final Thoughts
  • Chapter 12: The Never-Ending Race
  • A Short Review of the Book
  • Predictions
  • The Future of Malware
  • The Future of Rootkits
  • The Future of Botnets
  • The Good Guys Are Busy Too
  • The Adventure Has Just Begun
  • We've Covered
  • Appendix A: The Bootup Process
  • The Windows Bootup Process
  • BIOS-Based System
  • EFI-Based System
  • Appendix B: Useful Links
  • Vulnerability Information
  • Free Online Security Products
  • Free File Scanner and Analysis Tools
  • Web Security
  • Malware Trackers
  • Other Important Links
  • Glossary
  • Index.