000 02094nam a22003497a 4500
020 _a9781118825099
082 0 4 _a005.8
_bLIG/A
100 1 _aLigh, Michael Hale.
245 1 4 _aThe Art of Memory Forensics :
_bDetecting Malware and Threats in Windows, Linux, and Mac Memory
246 3 0 _aDetecting Malware and Threats in Windows, Linux, and Mac Memory
260 _aIndianapolis
_bJohn Wiley & Sons
_c2014
300 _axxiii, 886 pages :
_billustrations ;
504 _aIncludes index.
505 0 _aMachine generated contents note: 1. Systems Overview -- Digital Environment -- PC Architecture -- Operating Systems -- Process Management -- Memory Management -- File System -- I/O Subsystem -- Summary -- 2. Data Structures -- Basic Data Types -- Summary -- 3. The Volatility Framework -- Why Volatility? -- What Volatility Is Not -- Installation -- The Framework -- Using Volatility -- Summary -- 4. Memory Acquisition -- Preserving the Digital Environment -- Software Tools -- Memory Dump Formats -- Converting Memory Dumps -- Volatile Memory on Disk -- Summary -- 5. Windows Objects and Pool Allocations -- Windows Executive Objects -- Pool-Tag Scanning -- Limitations of Pool Scanning -- Big Page Pool -- Pool-Scanning Alternatives -- Summary -- 6. Processes, Handles, and Tokens -- Processes -- Process Tokens -- Privileges -- Process Handles -- Enumerating Handles in Memory -- Summary -- 7. Process Memory Internals -- What's in Process Memory? -- Enumerating Process Memory -- Summary --
505 0 _aContents note continued: Summary.
650 0 _aMalware (Computer software)
650 0 _aComputer security.
650 0 _aComputer networks
650 0 _aComputer crimes.
650 7 _aRéseaux informatiques.
650 7 _aDélits informatiques.
650 7 _aSécurité informatique.
650 7 _aMémorisation des données.
650 7 _aComputer crimes.
650 7 _aComputer networks
650 7 _aComputer security.
650 7 _aMalware (Computer software)
700 1 _aCase, Andrew.
700 1 _aLevy, Jamie.
700 1 _aWalters, Aaron.
942 _cBK
999 _c2213
_d2213