Book Reviews: Information Security Books and Product Reviews – Malware Forensics

Book Title:   Malware Forensics

Subtitle: Investigating and Analyzing Malicious Code

Author(s): James M. Aquilina, Eoghan Casey, Cameron H. Malin

Publisher: Syngress

Date of Publishing: 30 June 2008

ISBN(13):  9781597492683

Price (UK&US price – full price, not discounted price):  £41.99 (UK), $69.95 (USA)

URL of Publisher Site:  Syngress

URL of Amazon UK web page:  Malware Forensics: Investigating and Analyzing Malicious Code

URL of Amazon UK (Kindle) web page: N/A

URL of Amazon US web page:  Malware Forensics: Investigating and Analyzing Malicious Code

URL of Amazon US (Kindle) web page:  N/A

This book, although published in June 2008, is by far the most comprehensive introduction to the inner workings of malware that I’ve come across. Understanding malware is a really complicated subject, covering a broad spectrum of illicit software types, but there is no doubt that the combined efforts of James Aquilina, Eoghan Casey, and Cameron Malin deliver a fantastic result. I personally struggle with reading heavyweight textbooks cover to cover; these books often end up on my bookshelf as unread references, kept just in case I need them in the future. However, I did read this one, cover to cover, and have come out the other side of that experience a better man. The authors go into the low-level details of both Windows and Linux malware and decompose the inner workings of each type of illicit software to a fundamental degree of understanding that is consumable by programmers and non-programmers (like me) alike. Another great feature of this book is that the authors do not hold back on their use of Windows and Linux tools, taking the reader through the processes involved in analyzing real examples of malware in both operating system environments. I would recommend this book to anyone who has an interest in understanding malware, and certainly to anyone who needs to understand the context of malware in computer forensics. It is very apparent from the style of delivery, and especially after re-reading the introductory section on the context of forensics, that the authors are very focused on the evidentiary weight of their malware analysis. I applaud them for these efforts and highly recommend this book not just for malware geeks, but as really important reading for anyone trying to understand the nature of malicious code and how it can adversely affect your forensic investigation.

At 592 pages, this book is a true heavyweight contender and is truly the best value for money I’ve found on this subject. Well done, Syngress, and well done to the authors, for being named Winner of Best Book Bejtlich Read in 2008.

Marks: 5 out of 5