How to Defeat Advanced Malware : New Tools for Protection and Forensics.
Dalziel, Henry.
How to Defeat Advanced Malware : New Tools for Protection and Forensics. - 1st ed. - 1 online resource (54 pages)
Cover -- Title Page -- Copyright Page -- Table of contents -- Author Biography -- Contributing Editor Biography -- Chapter 1 - A Primer on Detection for Security -- 1.1 Today's approach: "compromise-first detection" -- Chapter 2 - 2014 Endpoint Exploitation Trends -- 2.1 Zero-day trends -- 2.3 Emerging zero-day exploitation techniques -- Chapter 3 - The Proposed Solution -- 3.1 The principle of least privilege -- 3.2 Detection's folly -- Chapter 4 - Protection's Weak Link -- 4.1 Desktop virtualization does not secure the endpoint -- 4.2 Detection and isolation using VMs -- Chapter 5 - Micro-Virtualization -- 5.1 Related work -- 5.2 A practical example -- 5.3 Hardware-enforced task isolation -- 5.4 Hardware virtualization technology -- 5.5 Micro-virtualization at work -- 5.6 The microvisor -- 5.7 Memory and CPU isolation -- 5.8 Virtualized file system (VFS) -- 5.9 Virtualized IP networking - the mobile SDN -- 5.10 Virtualized desktop services -- 5.11 Creation and management of micro-VMs -- 5.12 Reducing the attack surface -- Chapter 6 - Advanced Forensics and Analysis -- 6.1 Micro-VM behavioral analysis -- 6.2 Advanced live forensics -- 6.3 LAVA architecture -- 6.4 Conclusion.
9780128027530
Malware (Computer software).
Electronic books.
005.8 -- .D359 2015eb
005.84
How to Defeat Advanced Malware : New Tools for Protection and Forensics. - 1st ed. - 1 online resource (54 pages)
Cover -- Title Page -- Copyright Page -- Table of contents -- Author Biography -- Contributing Editor Biography -- Chapter 1 - A Primer on Detection for Security -- 1.1 Today's approach: "compromise-first detection" -- Chapter 2 - 2014 Endpoint Exploitation Trends -- 2.1 Zero-day trends -- 2.3 Emerging zero-day exploitation techniques -- Chapter 3 - The Proposed Solution -- 3.1 The principle of least privilege -- 3.2 Detection's folly -- Chapter 4 - Protection's Weak Link -- 4.1 Desktop virtualization does not secure the endpoint -- 4.2 Detection and isolation using VMs -- Chapter 5 - Micro-Virtualization -- 5.1 Related work -- 5.2 A practical example -- 5.3 Hardware-enforced task isolation -- 5.4 Hardware virtualization technology -- 5.5 Micro-virtualization at work -- 5.6 The microvisor -- 5.7 Memory and CPU isolation -- 5.8 Virtualized file system (VFS) -- 5.9 Virtualized IP networking - the mobile SDN -- 5.10 Virtualized desktop services -- 5.11 Creation and management of micro-VMs -- 5.12 Reducing the attack surface -- Chapter 6 - Advanced Forensics and Analysis -- 6.1 Micro-VM behavioral analysis -- 6.2 Advanced live forensics -- 6.3 LAVA architecture -- 6.4 Conclusion.
9780128027530
Malware (Computer software).
Electronic books.
005.8 -- .D359 2015eb
005.84