The Art of Computer Virus Research and Defense and over one million other books are available for Amazon Kindle. Learn more
  • List Price: $54.99
  • Save: $34.37 (63%)
Rented from RentU
To Rent, select Shipping State from options above
Due Date: May 28, 2015
FREE return shipping at the end of the semester. Access codes and supplements are not guaranteed with rentals.
FREE Shipping on orders over $35.
Used: Good | Details
Sold by RentU
Condition: Used: Good
Comment: Fast shipping from Amazon! Qualifies for Prime Shipping and FREE standard shipping for orders over $35. Overnight, 2 day and International shipping available! Excellent Customer Service.. May not include supplements such as CD, access code or DVD.
Access codes and supplements are not guaranteed with used items.
  • List Price: $54.99
  • Save: $24.34 (44%)
FREE Shipping on orders over $35.
In Stock.
Ships from and sold by
Gift-wrap available.
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

The Art of Computer Virus Research and Defense Paperback – February 13, 2005

ISBN-13: 978-0321304544 ISBN-10: 0321304543

Buy New
Price: $30.65
Price: $20.62
26 New from $17.90 36 Used from $7.82
Amazon Price New from Used from
"Please retry"
"Please retry"
$17.90 $7.82
Free Two-Day Shipping for College Students with Amazon Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student

Frequently Bought Together

The Art of  Computer Virus Research and Defense + Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software + Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
Price for all three: $107.22

Buy the selected items together

Shop the new
New! Introducing the, a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Product Details

  • Paperback: 744 pages
  • Publisher: Addison-Wesley Professional (February 13, 2005)
  • Language: English
  • ISBN-10: 0321304543
  • ISBN-13: 978-0321304544
  • Product Dimensions: 6.4 x 1.5 x 9 inches
  • Shipping Weight: 2.2 pounds (View shipping rates and policies)
  • Average Customer Review: 4.3 out of 5 stars  See all reviews (27 customer reviews)
  • Amazon Best Sellers Rank: #435,783 in Books (See Top 100 in Books)

Editorial Reviews

From the Back Cover

"Of all the computer-related books I've read recently, this one influenced my thoughts about security the most. There is very little trustworthy information about computer viruses. Peter Szor is one of the best virus analysts in the world and has the perfect credentials to write this book."

—Halvar Flake, Reverse Engineer, SABRE Security GmbH

Symantec's chief antivirus researcher has written the definitive guide to contemporary virus threats, defense techniques, and analysis tools. Unlike most books on computer viruses, The Art of Computer Virus Research and Defense is a reference written strictly for white hats: IT and security professionals responsible for protecting their organizations against malware. Peter Szor systematically covers everything you need to know, including virus behavior and classification, protection strategies, antivirus and worm-blocking techniques, and much more.

Szor presents the state-of-the-art in both malware and protection, providing the full technical detail that professionals need to handle increasingly complex attacks. Along the way, he provides extensive information on code metamorphism and other emerging techniques, so you can anticipate and prepare for future threats.

Szor also offers the most thorough and practical primer on virus analysis ever published—addressing everything from creating your own personal laboratory to automating the analysis process. This book's coverage includes

  • Discovering how malicious code attacks on a variety of platforms

  • Classifying malware strategies for infection, in-memory operation, self-protection, payload delivery, exploitation, and more

  • Identifying and responding to code obfuscation threats: encrypted, polymorphic, and metamorphic

  • Mastering empirical methods for analyzing malicious code—and what to do with what you learn

  • Reverse-engineering malicious code with disassemblers, debuggers, emulators, and virtual machines

  • Implementing technical defenses: scanning, code emulation, disinfection, inoculation, integrity checking, sandboxing, honeypots, behavior blocking, and much more

  • Using worm blocking, host-based intrusion prevention, and network-level defense strategies

© Copyright Pearson Education. All rights reserved.

About the Author

Peter Szor is security architect for Symantec Security Response, where he has been designing and building antivirus technologies for the Norton AntiVirus product line since 1999. From 1990 to 1995, Szor wrote and maintained his own antivirus program, Pasteur. A renowned computer virus and security researcher, Szor speaks frequently at the Virus Bulletin, EICAR, ICSA, and RSA conferences, as well as the USENIX Security Symposium. He currently serves on the advisory board of Virus Bulletin magazine, and is a founding member of the AVED (AntiVirus Emergency Discussion) network.

© Copyright Pearson Education. All rights reserved.

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Peter's book is well written, entertaining, very technical and even controversial at places.
Mikko Hypponen
Recommended mostly for the curious geek or serious security professional only, but highly, highly recommended for that audience.
Anthony Lawrence
The Art of Computer Virus Research and Defense is a great book from one of the top AV people around.
Eric Kent

Most Helpful Customer Reviews

49 of 52 people found the following review helpful By Richard Bejtlich on February 27, 2005
Format: Paperback
Peter Szor's 'The Art of Computer Virus Research and Defense' (TAOCVRAD) is one of the best technical books I've ever read, and I've reviewed over 150 security and networking books during the past 5 years. This book so thoroughly owns the subject of computer viruses that I recommend any authors seeking to write their own virus book find a new topic. Every technical computing professional needs to read this book, fast.

I read this book from cover to cover. The author does not lie when he says acquiring the same amount of information requires digging in obscure virus journals and analyzing malicious code. TAOCVRAD's single most powerful aspect is the author's persistence in naming one or more sample viruses that exemplify whatever concept he is discussing. In other words, all of his theory is backed by, or builds on, real-life examples. Each chapter contains moderate end-notes that provide pointers for additional research.

A truly great book has the power to change deeply-entrenched opinions, or make readers look at old problems in a new light. In my case, I altered my perception of the virus problem and ways to fight it. First, I changed my concept of viruses and worms. Peter builds on Fred Cohen's virus definition to say 'a computer virus is a program that recursively and explicitly copies a possibly evolved version of itself.' He calls worms a 'subclass of computer viruses.' I used to disagree with Peter; I believed a virus infects files and requires user interaction, and a worm spreads by itself via the network. Now I agree with Peter's viewpoint: 'worms are network viruses, primarily replicating on networks... If the primary vector of the virus is the network, it should be classified as a worm.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
18 of 19 people found the following review helpful By Dr Anton Chuvakin on March 31, 2005
Format: Paperback
If the phase "a bible of malware" weren't a cliché, I would have used it to describe this book without hesitation. I read a lot of security (and specifically, malware) titles, but I have never seen a book that comprehensive and detailed, period.

The author appears to know _everything_ that was going on in the malicious software space since the 80s (for example, who knew that there were viruses written in DEC's DCL language)... A lot of effort is spent classifying various infection, in-memory, self-protection, payload and other virus strategies. I loved the section on malware self-protection, such as anti-debugging and anti-disassembly tactics and even self-brute-forcing virus code (I never knew there are sooo many of those tricks). Nowhere else I saw the detailed explanation of oligomorphic, polymorphic and metamorphic viruses... Note that while the book does cover the fun historical viruses, its coverage extends all the way to phishing attacks of the 2004-2005.

My other favorite part is the chapter on worms. "Vanilla" viruses often feel like the creatures of the past, and the worms steal all the glory. The other holds a view that worms are just a type of viruses that he justifies fairly well. Indeed, there is no accepted definition of a "worm".

The book is obviously aimed towards virus defense, although both sides are covered in [at times] excruciating detail. The entire part is dedicated to history and technology of virus scanning. Personally, I never saw it covered with that level of detail. Finally, I had a chance to learn what `heuristic detection' means.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
9 of 9 people found the following review helpful By r2d3_ge on August 10, 2005
Format: Paperback
If you are interested in historical details about viruses/malware, if you are searching for details about various techniques getting used by malicious software and if you are interested how people in the AV industry work... This book is definatly THE reference. Peter, a very competent virus researcher, who is known through his various articles in the Virus Bulletin magazine shows you all the techniques you need to analyse, to detect and to remove malicious software. His technical overview includes the entire history of computer viruses and is written in a very impressive and entertaining style. While I have read many books and articles about exploiting software, he also serves the most understandable definition of exploiting techniques like the classical stack overflow etc. I must say that his style impressed me so much that I read through the book in one day, something normally happening to me when reading thrillers of James Patterson. But this book is so well written, that you can rarely lay it out of your hands. You just want to know where Peter leds to, the next step in the voyage through the malicious world of computer viruses and malware. This book is geared through everybody trying to understanding what's happening in the malicious code polluting the Internet. For me well worth the money I spent on it.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
7 of 7 people found the following review helpful By Cody Wu on August 12, 2005
Format: Paperback
I was wondering in the bookshop trying to find some in-depth books on Computer Virus and Network Security and suddenly I came across this book. In a few pages the book lit up my eyes and the author successfully attracted my attention and I was simply amazed by his solid background and rich knowledge and also his effort in presenting all the materials in an orderly and logical way that has successfully flatten the learning curve for people fresh to the area.

Well, some people may complain that this is a disappointing book in that it hasn't gone far enough to illustrate the necessary virus writing skills and they believe only in this way can one speciallized in virus defense benefit most. Again, this is not the truth as far as I see. If one simply want to write virus by following existing codes he can only gain a narrow horizon by focusing upon one or two popular virus. But as the old idiom goes, you will miss the forest by seeing a tree only. New virus are produced by those high-intelligent poeple everyday and promises to continue to come in the forseeable future. New technologies too, emerge and then disapper with the patch or hot fixes. But as long as you have a comprehensive knowledge of the basic of virus research and defense you will never lose in this battle against virus. I think the author has trying to model his book to be some thing beyond the mere technology collection but to present to us how one might equip himself with the fundamental knowledge of the virus's history, main ideas, or even try to give definition in some places. So this is why the author names his creation to be "Virus research & defense" instead of "virus writing & defense". And as far as I see, his attempt has been a huge success.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews