The Art of Computer Virus Research and Defense is a reference written strictly for white hats: IT and security professionals responsible for protecting their organizations against malware. Peter Szor systematically covers everything you need to know, including virus behavior and classification, protection strategies, antivirus and worm-blocking techniques, and much more. Szor presents the state of the art in both malware and protection, providing the full technical detail that professionals need to handle increasingly complex attacks.
Along the way, he provides extensive information on code metamorphism and other emerging techniques, so you can anticipate and prepare for future threats. Szor also offers the most thorough and practical primer on virus analysis ever published, addressing everything from creating your own personal laboratory to automating the analysis process.
The book covers the following topics:
- Identifying malicious code and how it works
- Classifying infection strategies of malware
- Code obfuscation threats
- Malicious code analysis techniques
- Reverse engineering
- Implementing defense techniques
It’s pretty dated these days, but it’s still a highly informative read about virus developments over time and the tools of the defender, the anti-virus industry. Even shows how to analyze malware. x86 assembly language knowledge is needed to understand the code snippets. (amazon.com user’s review)
About the author
Peter Szor is security architect for Symantec Security Response, where he has been designing and building antivirus technologies for the Norton AntiVirus product line since 1999. From 1990 to 1995, Szor wrote and maintained his own antivirus program, Pasteur. A renowned computer virus and security researcher, Szor speaks frequently at the Virus Bulletin, EICAR, ICSA, and RSA conferences, as well as the USENIX Security Symposium. He currently serves on the advisory board of Virus Bulletin magazine, and is a founding member of the AVED (AntiVirus Emergency Discussion) network.