Spotlight customer reviews:
Summary: Fascinating and in-depth Comment: This is a very interesting read from both a technology perspective and a psychology perspective. You learn about how viruses work and why, and about the people that write them. It's a fascinating look into a world that we usually only get the one, depressing, view on.
Summary: Simply the Best! Comment: This book is the primer for any serious virus researcher. It is well-written and provides in-depth coverage of everything you would ever want to know about viruses from basic terminology to metamorphic and polymorphic viruses, infection strategies and analysis techniques. Peter Szor is clearly one of the best in the business and the right person to write this book!
Summary: best of breed book Comment: Excellent book from Peter Szor, best book about viruses I have read. Not enough 5 star. Must-read book for security people.
Summary: Superb and exceptional book! Comment: If the phrase "a bible of malware" weren't a cliché, I would have used it to describe this book without hesitation. I read a lot of security (and specifically, malware) titles, but I have never seen a book that comprehensive and detailed, period.
The author appears to know _everything_ that was going on in the malicious software space since the 80s (for example, who knew that there were viruses written in DEC's DCL language)... A lot of effort is spent classifying various infection, in-memory, self-protection, payload and other virus strategies. I loved the section on malware self-protection, such as anti-debugging and anti-disassembly tactics and even self-brute-forcing virus code (I never knew there are sooo many of those tricks). Nowhere else have I seen the detailed explanation of oligomorphic, polymorphic and metamorphic viruses... Note that while the book does cover the fun historical viruses, its coverage extends all the way to phishing attacks of 2004-2005.
My other favorite part is the chapter on worms. "Vanilla" viruses often feel like the creatures of the past, and the worms steal all the glory. The author holds a view that worms are just a type of virus, which he justifies fairly well. Indeed, there is no accepted definition of a "worm".
The book is obviously aimed towards virus defense, although both sides are covered in [at times] excruciating detail. The entire part is dedicated to history and technology of virus scanning. Personally, I never saw it covered with that level of detail. Finally, I had a chance to learn what 'heuristic detection' means. On the defense side, the book also covers behavior blocking and host intrusion prevention, which have a chance of emerging as the main approaches of virus fighting, supplanting pure signature-based scanning. Similarly fun was a section on network-level defense strategies (such as using ACLs, firewalls, etc).
A surprisingly small chapter covers malicious code analysis techniques. I would have appreciated more detailed info on using VMware for malware analysis.
Overall, the book is very technical, but (if need be) can be read without diving too deeply into PDP11 assembly, just to get familiar with all the malware classifications, infection methods and other tricks. Highly recommended for technical security professionals, might also benefit others in IT and beyond. I think it will also fit the textbook profile for an advanced computer security course.
Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA is a Security Strategist with a major security company. He is an author of the book "Security Warrior" and a contributor to "Know Your Enemy II". In his spare time, he maintains his security portal info-secure.org
Summary: Knocks the wind out of you Comment: Peter Szor is a genius.
The Art of Computer Virus Research and Defense is a great book from one of the top AV people around.
The book is over 700 pages of good information. There is no filler here. This is tech writing at its best.