Managed Code Rootkits : Hooking into Runtime Environments
By: Metula, Erez.Material type: TextSeries: eBooks on Demand.Publisher: Saint Louis : Elsevier Science, 2014Description: 1 online resource (337 p.).ISBN: 9781597495752.Subject(s): Common Language Runtime (Computer science) | Computer security | Computer security | Computers - Access control | Computers -- Access control | Rootkits (Computer software) | Virtual computer systems - Security measures | Virtual computer systems -- Security measuresGenre/Form: Electronic books.Additional physical formats: Print version:: Managed Code Rootkits : Hooking into Runtime EnvironmentsDDC classification: 005.8 LOC classification: QA76.9.A25 M487 2010Online resources: Click here to view this ebook.
|Item type||Current location||Call number||URL||Status||Date due||Barcode|
|Electronic Book||UT Tyler Online Online||QA76.9.A25 M487 2010 (Browse shelf)||http://uttyler.eblib.com/patron/FullRecord.aspx?p=610554||Available||EBL610554|
Front Cover ; Managed Code Rootkits; Copyright; Table of Contents ; Acknowledgements; About the Author; Part I: Overview ; Chapter 1. Introduction ; The Problem of Rootkits and Other Types of Malware; Why Do You Need This Book?; Terminology Used in This Book; Technology Background: An Overview; Summary; Chapter 2. Managed Code Rootkits ; What Can Attackers Do with Managed Code Rootkits?; Common Attack Vectors; Why Are Managed Code Rootkits Attractive to Attackers?; Summary; Endnotes; Part II: Malware Development ; Chapter 3. Tools of the Trade ; The Compiler; The Decompiler; The Assembler
The DisassemblerThe Role of Debuggers; The Native Compiler; File Monitors; Summary; Chapter 4. Runtime Modification; Is It Possible to Change the Definition of a Programming Language?; Walkthrough: Attacking the Runtime Class Libraries; Summary; Chapter 5. Manipulating the Runtime; Manipulating the Runtime According to Our Needs; Reshaping the Code; Code Generation; Summary; Chapter 6. Extending the Language with a Malware API ; Why Should We Extend the Language?; Extending the Runtime with a Malware API; Summary; Endnote; Chapter 7. Automated Framework Modification ; What is ReFrameworker?
ReFrameworker Modules ConceptUsing the Tool; Developing New Modules; Setting Up the Tool; Summary; Chapter 8. Advanced Topics ; "Object-Oriented-Aware " Malware; Thread Injection; State Manipulation; Covering the Traces As Native Code; Summary; Part III: Countermeasures ; Chapter 9. Defending against MCRs ; What Can We Do about This Kind of Threat ?; Awareness: Malware Is Everybody's Problem; The Prevention Approach; The Detection Approach; The Response Approach; Summary; Endnote; Part IV: Where Do We Go from Here? ; Chapter 10. Other Uses of Runtime Modification
Runtime Modification As an Alternative Problem-Solving ApproachRuntime Hardening; Summary; Index
Managed Code Rootkits is the first book to cover application-level rootkits and other types of malware inside the application VM, which runs a platform-independent programming environment for processes. The book, divided into four parts, points out high-level attacks, which are developed in intermediate language. <br>The initial part of the book offers an overview of managed code rootkits. It explores environment models of managed code and the relationship of managed code to rootkits by studying how they use application VMs. It also discusses attackers of managed code rootkits and various atta
Description based upon print version of record.