Normal view MARC view ISBD view

Managed Code Rootkits : Hooking into Runtime Environments

By: Metula, Erez.
Material type: TextTextSeries: eBooks on Demand.Publisher: Saint Louis : Elsevier Science, 2014Description: 1 online resource (337 p.).ISBN: 9781597495752.Subject(s): Common Language Runtime (Computer science) | Computer security | Computer security | Computers - Access control | Computers -- Access control | Rootkits (Computer software) | Virtual computer systems - Security measures | Virtual computer systems -- Security measuresGenre/Form: Electronic books.Additional physical formats: Print version:: Managed Code Rootkits : Hooking into Runtime EnvironmentsDDC classification: 005.8 Online resources: Click here to view this ebook.
Contents:
Front Cover ; Managed Code Rootkits; Copyright; Table of Contents ; Acknowledgements; About the Author; Part I: Overview ; Chapter 1. Introduction ; The Problem of Rootkits and Other Types of Malware; Why Do You Need This Book?; Terminology Used in This Book; Technology Background: An Overview; Summary; Chapter 2. Managed Code Rootkits ; What Can Attackers Do with Managed Code Rootkits?; Common Attack Vectors; Why Are Managed Code Rootkits Attractive to Attackers?; Summary; Endnotes; Part II: Malware Development ; Chapter 3. Tools of the Trade ; The Compiler; The Decompiler; The Assembler
The DisassemblerThe Role of Debuggers; The Native Compiler; File Monitors; Summary; Chapter 4. Runtime Modification; Is It Possible to Change the Definition of a Programming Language?; Walkthrough: Attacking the Runtime Class Libraries; Summary; Chapter 5. Manipulating the Runtime; Manipulating the Runtime According to Our Needs; Reshaping the Code; Code Generation; Summary; Chapter 6. Extending the Language with a Malware API ; Why Should We Extend the Language?; Extending the Runtime with a Malware API; Summary; Endnote; Chapter 7. Automated Framework Modification ; What is ReFrameworker?
ReFrameworker Modules ConceptUsing the Tool; Developing New Modules; Setting Up the Tool; Summary; Chapter 8. Advanced Topics ; "Object-Oriented-Aware " Malware; Thread Injection; State Manipulation; Covering the Traces As Native Code; Summary; Part III: Countermeasures ; Chapter 9. Defending against MCRs ; What Can We Do about This Kind of Threat ?; Awareness: Malware Is Everybody's Problem; The Prevention Approach; The Detection Approach; The Response Approach; Summary; Endnote; Part IV: Where Do We Go from Here? ; Chapter 10. Other Uses of Runtime Modification
Runtime Modification As an Alternative Problem-Solving ApproachRuntime Hardening; Summary; Index
Summary: Managed Code Rootkits is the first book to cover application-level rootkits and other types of malware inside the application VM, which runs a platform-independent programming environment for processes. The book, divided into four parts, points out high-level attacks, which are developed in intermediate language. <br>The initial part of the book offers an overview of managed code rootkits. It explores environment models of managed code and the relationship of managed code to rootkits by studying how they use application VMs. It also discusses attackers of managed code rootkits and various atta
Tags from this library: No tags from this library for this title. Log in to add tags.
Item type Current location Call number URL Status Date due Barcode
Electronic Book UT Tyler Online
Online
QA76.9.A25 M487 2010 (Browse shelf) http://uttyler.eblib.com/patron/FullRecord.aspx?p=610554 Available EBL610554

Front Cover ; Managed Code Rootkits; Copyright; Table of Contents ; Acknowledgements; About the Author; Part I: Overview ; Chapter 1. Introduction ; The Problem of Rootkits and Other Types of Malware; Why Do You Need This Book?; Terminology Used in This Book; Technology Background: An Overview; Summary; Chapter 2. Managed Code Rootkits ; What Can Attackers Do with Managed Code Rootkits?; Common Attack Vectors; Why Are Managed Code Rootkits Attractive to Attackers?; Summary; Endnotes; Part II: Malware Development ; Chapter 3. Tools of the Trade ; The Compiler; The Decompiler; The Assembler

The DisassemblerThe Role of Debuggers; The Native Compiler; File Monitors; Summary; Chapter 4. Runtime Modification; Is It Possible to Change the Definition of a Programming Language?; Walkthrough: Attacking the Runtime Class Libraries; Summary; Chapter 5. Manipulating the Runtime; Manipulating the Runtime According to Our Needs; Reshaping the Code; Code Generation; Summary; Chapter 6. Extending the Language with a Malware API ; Why Should We Extend the Language?; Extending the Runtime with a Malware API; Summary; Endnote; Chapter 7. Automated Framework Modification ; What is ReFrameworker?

ReFrameworker Modules ConceptUsing the Tool; Developing New Modules; Setting Up the Tool; Summary; Chapter 8. Advanced Topics ; "Object-Oriented-Aware " Malware; Thread Injection; State Manipulation; Covering the Traces As Native Code; Summary; Part III: Countermeasures ; Chapter 9. Defending against MCRs ; What Can We Do about This Kind of Threat ?; Awareness: Malware Is Everybody's Problem; The Prevention Approach; The Detection Approach; The Response Approach; Summary; Endnote; Part IV: Where Do We Go from Here? ; Chapter 10. Other Uses of Runtime Modification

Runtime Modification As an Alternative Problem-Solving ApproachRuntime Hardening; Summary; Index

Managed Code Rootkits is the first book to cover application-level rootkits and other types of malware inside the application VM, which runs a platform-independent programming environment for processes. The book, divided into four parts, points out high-level attacks, which are developed in intermediate language. <br>The initial part of the book offers an overview of managed code rootkits. It explores environment models of managed code and the relationship of managed code to rootkits by studying how they use application VMs. It also discusses attackers of managed code rootkits and various atta

Description based upon print version of record.

There are no comments for this item.

Log in to your account to post a comment.