There was an email thread circulating here at GFI Sunbelt Labs listing good books about malware analysis. Someone said: "we should blog this."
Here is a list of everybody's picks:
"Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code," by Steven Adair, Blake Hartstein, Michael Ligh and Matthew Richard (2010) http://www.amazon.com/gp/product/0470613033/
"Malware Forensics: Investigating and Analyzing Malicious Code," by James M. Aquilina, Eoghan Casey and Cameron H. Malin (2008) http://www.amazon.com/Malware-Forensics-Investigating-Analyzing-Malicious/dp/159749268X
In-depth reads on malcode analysis and disassembling techniques:
"Reversing: Secrets of Reverse Engineering," by Eldad Eilam (2005)
http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764574817
"The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler," by Chris Eagle (2008)
http://www.amazon.com/IDA-Pro-Book-Unofficial-Disassembler/dp/1593271786
"Disassembling Code: IDA Pro and SoftICE," by Vlad Pirogov (2005)
http://www.amazon.com/Disassembling-Code-IDA-Pro-SoftICE/dp/1931769516
"Rootkits: Subverting the Windows Kernel," by Jamie Butler and Greg Hoglund (2005)
http://www.amazon.com/Rootkits-Subverting-Windows-Greg-Hoglund/dp/0321294319
The classics:
"The Art of Computer Virus Research and Defense," by Peter Szor (2005)
http://www.amazon.com/Art-Computer-Virus-Research-Defense/dp/0321304543
(Although this is five years old, it's something of a classic. It's a nice history of malicious code, detection techniques and just a really good all-around read.)
"Malware: Fighting Malicious Code," by Ed Skoudis and Lenny Zeltser (2003)
http://www.amazon.com/Malware-Fighting-Malicious-Ed-Skoudis/dp/0131014056
Zeltser also has a web site with great information:
http://zeltser.com/reverse-malware-paper/ (2001)
http://zeltser.com/combating-malicious-software/ (updated)
Thanks Alex and Eric
Tom Kelchner