How to defeat advanced malware: new tools for protection and forensics
*How to Defeat Advanced Malware* is a concise introduction to the concept of micro-virtualization. The book provides current facts and figures that prove detection-based security products have become ineffective. A simple strategy is then presented that both lev...
Other Authors: | |
---|---|
Format: | Electronic book |
Language: | English |
Published: | Waltham, Massachusetts : Syngress 2015. |
Edition: | 1st edition |
Subjects: | |
View at Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009629219906719 |
Table of Contents:
- Cover
- Title Page
- Copyright Page
- Table of contents
- Author Biography
- Contributing Editor Biography
- Chapter 1 - A Primer on Detection for Security
- 1.1 Today's approach: "compromise-first detection"
- Chapter 2 - 2014 Endpoint Exploitation Trends
- 2.1 Zero-day trends
- 2.3 Emerging zero-day exploitation techniques
- Chapter 3 - The Proposed Solution
- 3.1 The principle of least privilege
- 3.2 Detection's folly
- Chapter 4 - Protection's Weak Link
- 4.1 Desktop virtualization does not secure the endpoint
- 4.2 Detection and isolation using VMs
- Chapter 5 - Micro-Virtualization
- 5.1 Related work
- 5.2 A practical example
- 5.3 Hardware-enforced task isolation
- 5.4 Hardware virtualization technology
- 5.5 Micro-virtualization at work
- 5.6 The microvisor
- 5.7 Memory and CPU isolation
- 5.8 Virtualized file system (VFS)
- 5.9 Virtualized IP networking - the mobile SDN
- 5.10 Virtualized desktop services
- 5.11 Creation and management of micro-VMs
- 5.12 Reducing the attack surface
- Chapter 6 - Advanced Forensics and Analysis
- 6.1 Micro-VM behavioral analysis
- 6.2 Advanced live forensics
- 6.3 LAVA architecture
- 6.4 Conclusion.