An important topic for system security is addressed in this book. The analysis of malicious software is essential for incident response and digital forensics, and requires both advanced technical skills and operational process experience. Sikorski and Honig’s book provides a state-of-the-art introduction to the knowledge and approaches needed for the analysis of malicious software, and is probably one of the best security books that I have read over the last few years.
It’s true that another excellent competitor does exist [1], and ranking the two books is extremely difficult, if not impossible. If forced to make a choice, though, I would suggest Sikorski and Honig’s book because of its lab-oriented structure. The word “practical” in the title aptly reflects the book’s content and structure.
The book is divided into six major parts, each dedicated to a major topic in malware analysis. Each part contains several chapters, each of which comprehensively addresses a specific subtopic. Every chapter ends with a series of practical assignments, and the related data and files are available for download from the book’s Web site.
What makes this book truly remarkable is that detailed solutions to the assignments are given at the end of the book. In effect, it is two books for the price of one: the discussion of the assignments and their solutions takes up roughly as many pages as the coverage of malware analysis itself. It is impossible to review such a book on a chapter-by-chapter basis. The many chapters and the technical background information can hardly be summarized in one review, but the prospective reader can rest assured that everything required to master the analysis of malware is covered here. The content ranges from static analysis to dynamic analysis, anti-reverse engineering, and software obfuscation, and extends into 64-bit malware and practical debugging. The book is both timely and of high quality. I am definitely excited and fascinated by the authors’ comprehensive approach; even readers with moderate experience in this area might find new and unfamiliar issues to explore.
This is definitely a must-read for those interested in digital forensics, reverse engineering, and malware analysis. The book’s lab-oriented structure also makes it an ideal textbook for a graduate-level class in applied security. This book will become the reference source for this topic.