Book Image

Digital Forensics and Incident Response

By : Gerard Johansen
Book Image

Digital Forensics and Incident Response

By: Gerard Johansen

Overview of this book

Digital Forensics and Incident Response will guide you through the entire spectrum of tasks associated with incident response, starting with preparatory activities associated with creating an incident response plan and creating a digital forensics capability within your own organization. You will then begin a detailed examination of digital forensic techniques including acquiring evidence, examining volatile memory, hard drive assessment, and network-based evidence. You will also explore the role that threat intelligence plays in the incident response process. Finally, a detailed section on preparing reports will help you prepare a written report for use either internally or in a courtroom. By the end of the book, you will have mastered forensic techniques and incident response and you will have a solid foundation on which to increase your ability to investigate such incidents in your organization.
Table of Contents (18 chapters)
Title Page
Credits
About the Author
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface

Malware analysis overview


Malware Analysis or malware reverse engineering is a highly technical and specialized field in forensics. Anti-Virus and Threat Intelligence utilizes a highly trained cadre of programmers and forensic personnel that acquire malware from the wild and then rip it open to determine what it does, how it does it, and who may be responsible for it. This is done utilizing two types of analysis, Static and Dynamic. Like much of digital forensics, each type of analysis affords some advantages and incident response analysts should be familiar with both.

Note

An excellent treatment of malware analysis conducted against actual malware found in the wild is Kim Zetter's book Countdown to Zero Day. Comprehensively researched, this book delves deep into the Stuxnet virus as various research teams attempt to understand what the malware is doing.

An excellent malware analysis methodology was created by Lenny Zeltser, a malware analysis professional who has an excellent array of resources...