Southern California Honeynet Project
A Chapter of the Honeynet Project


Malware Forensics

The members of the Southern California Chapter are co-authors of the best-selling forensic book, Malware Forensics: Investigating and Analyzing Malicious Code, published by Syngress/Elsevier. Malware Forensics covers the emerging field of live digital forensics, in which investigators examine computer and network systems to collect and preserve critical data during a live incident, data that may be lost if the system is shut down or immediately remediated. The book's content focuses on identifying and capturing malicious code and relevant evidence of its effect on the compromised system by using live forensics and evidence collection methodologies applicable to Windows and Linux operating systems. The book also provides clear and concise guidance on how to forensically capture and examine physical and process computer memory as a key investigative step in malicious code forensics. Further, Malware Forensics provides deep coverage of "file profiling," the preliminary analysis of a suspect file, as well as dynamic and static analysis of a malware specimen. Finally, the book covers the legal ramifications of malware attacks to guide companies on how best to coordinate efforts across IT, legal, finance, marketing and other business units to achieve the most effective response for affected stakeholders.