Book information
· Category: Foreign books > Computers > Security > Cryptography
· ISBN : 9781118825099
· Pages: 912
Table of contents
Part I: An Introduction to Memory Forensics
Chapter 1: Systems Overview
Chapter 2: Data Structures
Chapter 3: The Volatility Framework
Chapter 4: Memory Acquisition
Part II: Windows Memory Forensics
Chapter 5: Windows Objects and Pool Allocations
Chapter 6: Processes, Handles, and Tokens
Chapter 7: Process Memory Internals
Chapter 8: Hunting Malware in Process Memory
Chapter 9: Event Logs
Chapter 10: Registry in Memory
Chapter 11: Networking
Chapter 12: Windows Services
Chapter 13: Kernel Forensics and Rootkits
Chapter 14: Windows GUI Subsystem, Part I
Chapter 15: Windows GUI Subsystem, Part II
Chapter 16: Disk Artifacts in Memory
Chapter 17: Event Reconstruction
Chapter 18: Timelining
Part III: Linux Memory Forensics
Chapter 19: Linux Memory Acquisition
Chapter 20: Linux Operating System
Chapter 21: Processes and Process Memory
Chapter 22: Networking Artifacts
Chapter 23: Kernel Memory Artifacts
Chapter 24: File Systems in Memory
Chapter 25: Userland Rootkits
Chapter 26: Kernel Mode Rootkits
Chapter 27: Case Study: Phalanx2
Part IV: Mac Memory Forensics
Chapter 28: Mac Acquisition and Internals
Chapter 29: Mac Memory Overview
Chapter 30: Malicious Code and Rootkits
Chapter 31: Tracking User Activity
Index