Cyber Adversary Characterization: Auditing the Hacker Mind Review

Average Reviews:

(More customer reviews)Are you looking to buy Cyber Adversary Characterization: Auditing the Hacker Mind? Here is the right place to find the great deals. we can offer discounts of up to 90% on Cyber Adversary Characterization: Auditing the Hacker Mind. Check out the link below:

>> Click Here to See Compare Prices and Get the Best Offers

Cyber Adversary Characterization: Auditing the Hacker Mind ReviewAn uneven book. The preface and last chapter are by far the best parts. Noted technology commentator Richard Thieme ("Islands in the Clickstream") gives the preface. A mere 4 pages. But very eloquent and lucid. A joy to read. The last chapter is a semi-ficticious narrative of how a hacker breaks into various computers. Unix and network experts will like the depth and ingenuity described. It can be very educational, even for experienced sysadmins.
But other chapters are poorly done. For example, Chapter 2 is on Theoretical Characterisation Metrics. It repeatedly uses various conditional probabilities, but with a wrong notation. For a probability of B given A, it uses p(B)/A. The standard notation is P(B|A). Used for decades in statistics course. First year undergraduate level.
Other chapters, presumably written by different people, do use the correct notation. But Chapter 3, on the Cyber Food Chain, has an even more disturbing flaw. It has tables of what it calls mean inhibitor values. Derived from sets of values with only 1 significant figure. But the means are given to 4 significant figures! At best, the means only have 2. What this author is doing is imputing a false accuracy of 2 extra significant figures, or 100 times greater than actuality. More strictly, it is probably close to 1000 times greater, because the mean is really no better than one significant figure.
So what? Well, given that the authors goof on such elementary steps, it should give you serious reservations about their more "sophisticated" operations, where they discuss various metrics.
Another thing. One chapter's title is mis-spelled on the top of every page in the chapter. Irritating. Makes one wonder about the proof reading.Cyber Adversary Characterization: Auditing the Hacker Mind Overview

Want to learn more information about Cyber Adversary Characterization: Auditing the Hacker Mind?

>> Click Here to See All Customer Reviews & Ratings Now

Read More...

Malware Forensics: Investigating and Analyzing Malicious Code Review

Average Reviews:

(More customer reviews)Are you looking to buy Malware Forensics: Investigating and Analyzing Malicious Code? Here is the right place to find the great deals. we can offer discounts of up to 90% on Malware Forensics: Investigating and Analyzing Malicious Code. Check out the link below:

>> Click Here to See Compare Prices and Get the Best Offers

Malware Forensics: Investigating and Analyzing Malicious Code ReviewMalware Forensics is an awesome book. Last year Syngress published Harlan Carvey's 5-star Windows Forensic Analysis, and now we get to enjoy this new title by James Aquilina, Eoghan Casey, and Cameron Malin, plus technical editing by Curtis Rose. I should disclose that I co-wrote a forensics book with Curtis Rose, and I just delivered a guest lecture in a class taught by Eoghan Casey. However, I still call books as I see them, regardless of the author. (Check out my review of Security Sage's Guide to Hardening the Network Infrastructure for proof.) I can confidently say that anyone interested in learning how to analyze malware, or perform incident response, will benefit from reading Malware Forensics.
I imagine that code-savvy investigators probably don't need to read Malware Forensics. However, this is not a book for newbies. The target audience includes those doing intrusion analysis on Windows and Linux who want to focus directly on examining malicious code. An investigator whose world revolves around reviewing hard drives with EnCase will probably not understand Malware Forensics. An investigator who needs guidance on identifying and then understanding malware will definitely like this book.
The front cover emphasizes the book's "practical, hands-on" nature. I admit that I tried to follow along in many parts, usually by retrieving various Windows tools to try on malware caught in my spam folder. I do not expect the reader to become an expert in any one area of analysis, but I do applaud the authors for exposing readers to just about every aspect of malware analysis you might expect. The book uses large and small cases, multiple sample analyses, and extensive tool output to guide readers. Even the legal chapter covers the questions most of us are likely to ask.
Furthermore, how often does one read an introduction (through p xxxvi) that is educational? I loved the points about DNA tests destroying evidence and the discussion of what is "forensically sound" on p xxv, and the mention of "evidence dynamics" on p xxvi. I got the sense the authors were real forensics experts, not strictly malware geeks. The citing of non-infosec sources when making points showed me they understood the big picture (p xxxi). They also cited their tools with footnotes and URLs, and included chapter end-notes.
I found very little to complain about in this book. I noticed awkward placement of commas in chapters 3 and 8. A copyeditor could have removed those. From what I can see, the authors appreciated Curtis Rose's involvement. Syngress should observe the value of an editor who seriously reviews the text. (The last page of the book even includes errata that couldn't make it into the previous text!)
I am seriously considering Malware Forensics as my Best Book Bejtlich Read in 2008. If it doesn't win (stay tuned for announcements at the end of December) Malware Forensics will be one of the top four for the year.Malware Forensics: Investigating and Analyzing Malicious Code Overview

Want to learn more information about Malware Forensics: Investigating and Analyzing Malicious Code?

>> Click Here to See All Customer Reviews & Ratings Now

Read More...