MARC details
000 -LEADER |
fixed length control field |
05575cam a2200661Mi 4500 |
001 - CONTROL NUMBER |
control field |
ocn830164262 |
003 - CONTROL NUMBER IDENTIFIER |
control field |
OCoLC |
005 - DATE AND TIME OF LATEST TRANSACTION |
control field |
20240711085021.0 |
006 - FIXED-LENGTH DATA ELEMENTS--ADDITIONAL MATERIAL CHARACTERISTICS |
fixed length control field |
m o d |
007 - PHYSICAL DESCRIPTION FIXED FIELD--GENERAL INFORMATION |
fixed length control field |
cr |n||||||||| |
008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
fixed length control field |
130316s2012 cau o 000 0 eng d |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
International Standard Book Number |
9781593274306 |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
International Standard Book Number |
1593274300 |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
International Standard Book Number |
1593272901 |
020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
International Standard Book Number |
9781593272906 |
Qualifying information |
Paperback |
029 1# - OTHER SYSTEM CONTROL NUMBER (OCLC) |
OCLC library identifier |
DEBBG |
System control number |
BV044173859 |
029 1# - OTHER SYSTEM CONTROL NUMBER (OCLC) |
OCLC library identifier |
DEBSZ |
System control number |
397494270 |
035 ## - SYSTEM CONTROL NUMBER |
System control number |
(OCoLC)830164262 |
Canceled/invalid control number |
(OCoLC)994353322 |
-- |
(OCoLC)1156147137 |
040 ## - CATALOGING SOURCE |
Original cataloging agency |
EBLCP |
Language of cataloging |
eng |
Description conventions |
pn |
Transcribing agency |
EBLCP |
Modifying agency |
YDXCP |
-- |
MEAUC |
-- |
DEBSZ |
-- |
OCLCQ |
-- |
XFH |
-- |
OCLCF |
-- |
IDEBK |
-- |
RECBK |
-- |
ZCU |
-- |
MERUC |
-- |
OCLCQ |
-- |
OCLCO |
-- |
U3W |
-- |
OCLCA |
-- |
CNNOR |
-- |
ICG |
-- |
INT |
-- |
AU@ |
-- |
OCLCQ |
-- |
DKC |
-- |
OCLCQ |
-- |
SGP |
-- |
OCLCO |
-- |
OCLCQ |
-- |
OCLCO |
-- |
OCLCL |
050 #4 - LIBRARY OF CONGRESS CALL NUMBER |
Classification number |
QA76.76.C68 S534 2012 |
080 ## - UNIVERSAL DECIMAL CLASSIFICATION NUMBER |
Universal Decimal Classification number |
004.491.22 |
082 04 - DEWEY DECIMAL CLASSIFICATION NUMBER |
Classification number |
005.84 SIK |
100 1# - MAIN ENTRY--PERSONAL NAME |
Personal name |
Sikorski, Michael. |
245 10 - TITLE STATEMENT |
Title |
Practical Malware Analysis : |
Remainder of title |
the Hands-On Guide to Dissecting Malicious Software. |
260 ## - PUBLICATION, DISTRIBUTION, ETC. |
Place of publication, distribution, etc. |
San Francisco : |
Name of publisher, distributor, etc. |
No Starch Press, |
Date of publication, distribution, etc. |
2012. |
300 ## - PHYSICAL DESCRIPTION |
Extent |
(xxxi ; 802 pages) |
336 ## - CONTENT TYPE |
Content type term |
text |
Content type code |
txt |
Source |
rdacontent |
337 ## - MEDIA TYPE |
Media type term |
Book |
Media type code |
c |
Source |
rdamedia |
338 ## - CARRIER TYPE |
Carrier type term |
online resource |
Carrier type code |
cr |
Source |
rdacarrier |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Hashing: A Fingerprint for MalwareFinding Strings; Packed and Obfuscated Malware; Packing Files; Detecting Packers with PEiD; Portable Executable File Format; Linked Libraries and Functions; Static, Runtime, and Dynamic Linking; Exploring Dynamically Linked Functions with Dependency Walker; Imported Functions; Exported Functions; Static Analysis in Practice; PotentialKeylogger.exe: An Unpacked Executable; PackedProgram.exe: A Dead End; The PE File Headers and Sections; Examining PE Files with PEview; Viewing the Resource Section with Resource Hacker; Using Other PE File Tools. |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
PE Header SummaryConclusion; Lab 1-1; Questions; Lab 1-2; Questions; Lab 1-3; Questions; Lab 1-4; Questions; 2: Malware Analysis in Virtual Machines; The Structure of a Virtual Machine; Creating Your Malware Analysis Machine; Configuring VMware; Using Your Malware Analysis Machine; Connecting Malware to the Internet; Connecting and Disconnecting Peripheral Devices; Taking Snapshots; Transferring Files from a Virtual Machine; The Risks of Using VMware for Malware Analysis; Record/Replay: Running Your Computer in Reverse; Conclusion; 3: Basic Dynamic Analysis. |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Sandboxes: The Quick-and-Dirty ApproachUsing a Malware Sandbox; Sandbox Drawbacks; Running Malware; Monitoring with Process Monitor; The Procmon Display; Filtering in Procmon; Viewing Processes with Process Explorer; The Process Explorer Display; Using the Verify Option; Comparing Strings; Using Dependency Walker; Analyzing Malicious Documents; Comparing Registry Snapshots with Regshot; Faking a Network; Using ApateDNS; Monitoring with Netcat; Packet Sniffing with Wireshark; Using INetSim; Basic Dynamic Tools in Practice; Conclusion; Lab 3-1; Questions; Lab 3-2; Questions; Lab 3-3; Questions. |
505 8# - FORMATTED CONTENTS NOTE |
Formatted contents note |
Lab 3-4Questions; Part 2: Advanced Static Analysis; 4: A Crash Course in x86 Disassembly; Levels of Abstraction; Reverse-Engineering; The x86 Architecture; Main Memory; Instructions; Opcodes and Endianness; Operands; Registers; Simple Instructions; The Stack; Conditionals; Branching; Rep Instructions; C Main Method and Offsets; More Information: Intel x86 Architecture Manuals; Conclusion; 5: IDA Pro; Loading an Executable; The IDA Pro Interface; Disassembly Window Modes; Useful Windows for Analysis; Returning to the Default View; Navigating IDA Pro; Searching; Using Cross-References. |
520 ## - SUMMARY, ETC. |
Summary, etc. |
There are more than 100 malicious computer attacks every second, resulting in tens of billions of dollars in economic damages each year. Among security professionals, the skills required to quickly analyze and assess these attacks are in high demand. Practical Malware Analysis provides a rapid introduction to the tools and methods used to dissect malicious software (malware), showing readers how to discover, debug, and disassemble these threats. The book goes on to examine how to overcome the evasive techniques?stealth, code obfuscation, encryption, file packing, and others?that malware author. |
546 ## - LANGUAGE NOTE |
Language note |
English. |
588 0# - SOURCE OF DESCRIPTION NOTE |
Source of description note |
Print version record. |
600 ## - SUBJECT ADDED ENTRY--PERSONAL NAME |
Personal name |
Sikorski, Michael. |
650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name entry element |
Malware (Computer software) |
650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name entry element |
Computer viruses. |
650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name entry element |
Debugging in computer science. |
650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name entry element |
Computer security. |
650 #6 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name entry element |
Logiciels malveillants. |
650 #6 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name entry element |
Virus informatiques. |
650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name entry element |
COMPUTERS |
General subdivision |
Security |
-- |
Viruses & Malware. |
Source of heading or term |
bisacsh |
650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name entry element |
Computer security |
Source of heading or term |
fast |
650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name entry element |
Computer viruses |
Source of heading or term |
fast |
650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name entry element |
Debugging in computer science |
Source of heading or term |
fast |
650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM |
Topical term or geographic name entry element |
Malware (Computer software) |
Source of heading or term |
fast |
653 ## - INDEX TERM--UNCONTROLLED |
Uncontrolled term |
Malware Analysis - Dissecting Malicious Software - Static Analysis |
700 1# - ADDED ENTRY--PERSONAL NAME |
Personal name |
Honig, Andrew. |
758 ## - RESOURCE IDENTIFIER |
Relationship information |
has work: |
Label |
Practical malware analysis (Text) |
Real World Object URI |
https://id.oclc.org/worldcat/entity/E39PCGfFqxBVbRTkRX7hHgM8fq |
Relationship |
https://id.oclc.org/worldcat/ontology/hasWork |
776 08 - ADDITIONAL PHYSICAL FORM ENTRY |
Relationship information |
Print version: |
Main entry heading |
Sikorski, Michael. |
Title |
Practical Malware Analysis : A Hands-On Guide to Dissecting Malicious Software. |
Place, publisher, and date of publication |
San Francisco : No Starch Press, �2012 |
International Standard Book Number |
9781593272906 |
856 40 - ELECTRONIC LOCATION AND ACCESS |
Materials specified |
MyiLibrary |
Uniform Resource Identifier |
<a href="http://www.myilibrary.com?id=1025764">http://www.myilibrary.com?id=1025764</a> |
856 40 - ELECTRONIC LOCATION AND ACCESS |
Materials specified |
RBdigital |
Uniform Resource Identifier |
<a href="http://rbdigital.rbdigital.com">http://rbdigital.rbdigital.com</a> |
856 40 - ELECTRONIC LOCATION AND ACCESS |
Public note |
Click here to view book |
Uniform Resource Identifier |
<a href="http://public.eblib.com/choice/PublicFullRecord.aspx?p=6095762">http://public.eblib.com/choice/PublicFullRecord.aspx?p=6095762</a> |
942 ## - ADDED ENTRY ELEMENTS (KOHA) |
Source of classification or shelving scheme |
Dewey Decimal Classification |
Koha item type |
Books |
Classification part |
005.84 SIK |
Call number suffix |
SIK |
Suppress in OPAC |
No |
948 ## - LOCAL PROCESSING INFORMATION (OCLC); SERIES PART DESIGNATOR (RLIN) |
h (OCLC) |
NO HOLDINGS IN GHUCC - 568 OTHER HOLDINGS |