
Art of Computer Virus Research and Defense, The

4.6 out of 5 stars, 57 ratings


Peter Szor takes you behind the scenes of anti-virus research, showing how viruses are analyzed, how they spread, and--most importantly--how to effectively defend against them. This book offers an encyclopedic treatment of the computer virus, including: a history of computer viruses, virus behavior, classification, protection strategies, anti-virus and worm-blocking techniques, and how to conduct an accurate threat analysis. The Art of Computer Virus Research and Defense entertains readers with its look at anti-virus research, but more importantly it truly arms them in the fight against computer viruses. As one of the lead researchers behind Norton AntiVirus, the most popular antivirus program in the industry, Peter Szor studies viruses every day. By showing how viruses really work, this book will help security professionals and students protect against them, recognize them, and analyze and limit the damage they can do.



Editorial Reviews

From the Back Cover

"Of all the computer-related books I've read recently, this one influenced my thoughts about security the most. There is very little trustworthy information about computer viruses. Peter Szor is one of the best virus analysts in the world and has the perfect credentials to write this book."

―Halvar Flake, Reverse Engineer, SABRE Security GmbH

Symantec's chief antivirus researcher has written the definitive guide to contemporary virus threats, defense techniques, and analysis tools. Unlike most books on computer viruses, The Art of Computer Virus Research and Defense is a reference written strictly for white hats: IT and security professionals responsible for protecting their organizations against malware. Peter Szor systematically covers everything you need to know, including virus behavior and classification, protection strategies, antivirus and worm-blocking techniques, and much more.

Szor presents the state-of-the-art in both malware and protection, providing the full technical detail that professionals need to handle increasingly complex attacks. Along the way, he provides extensive information on code metamorphism and other emerging techniques, so you can anticipate and prepare for future threats.

Szor also offers the most thorough and practical primer on virus analysis ever published―addressing everything from creating your own personal laboratory to automating the analysis process. This book's coverage includes

  • Discovering how malicious code attacks on a variety of platforms

  • Classifying malware strategies for infection, in-memory operation, self-protection, payload delivery, exploitation, and more

  • Identifying and responding to code obfuscation threats: encrypted, polymorphic, and metamorphic

  • Mastering empirical methods for analyzing malicious code―and what to do with what you learn

  • Reverse-engineering malicious code with disassemblers, debuggers, emulators, and virtual machines

  • Implementing technical defenses: scanning, code emulation, disinfection, inoculation, integrity checking, sandboxing, honeypots, behavior blocking, and much more

  • Using worm blocking, host-based intrusion prevention, and network-level defense strategies


© Copyright Pearson Education. All rights reserved.

About the Author

Peter Szor is security architect for Symantec Security Response, where he has been designing and building antivirus technologies for the Norton AntiVirus product line since 1999. From 1990 to 1995, Szor wrote and maintained his own antivirus program, Pasteur. A renowned computer virus and security researcher, Szor speaks frequently at the Virus Bulletin, EICAR, ICSA, and RSA conferences, as well as the USENIX Security Symposium. He currently serves on the advisory board of Virus Bulletin magazine, and is a founding member of the AVED (AntiVirus Emergency Discussion) network.



Product details

  • ASIN: 0321304543
  • Publisher: Addison-Wesley Professional (February 3, 2005)
  • Language: English
  • Paperback: 744 pages
  • ISBN-10: 9780321304544
  • ISBN-13: 978-0321304544
  • Item Weight: 2.3 pounds
  • Dimensions: 6.75 x 1.5 x 9 inches
  • Customer Reviews: 4.6 out of 5 stars, 57 ratings


Customer reviews

4.6 out of 5 stars
57 global ratings

Customers say

Customers find the book highly informative and well-written about virus developments. They also say the writing style is easy to read and understand.

AI-generated from the text of customer reviews

5 customers mention "Content": 5 positive, 0 negative

Customers find the book highly informative and essential for understanding threats and countermeasures. They also say it's a powerful and clear guidebook.


3 customers mention "Writing style": 3 positive, 0 negative

Customers find the writing style informative and well written.


Top reviews from the United States

Reviewed in the United States on November 2, 2015
It's pretty dated these days, but it's still a highly informative read about virus developments over time and the tools of the defender, the anti-virus industry. Even shows how to analyze malware. x86 assembly language knowledge is needed to understand the code snippets.

If you want something more up to date, try Practical Malware Analysis.
3 people found this helpful
Reviewed in the United States on December 27, 2013
For those of you who are proficient in computers this is the book for you. It will teach you how to make a good antivirus program. It is very informative and well written!!!!
Reviewed in the United States on March 30, 2015
Though dated still the most complete text on the subject. With very little trouble one should be able to supplement this with resources from the net (for example, you might want to investigate the use of Hidden Markov Models in the detection of Metamorphic Engines and how to defeat these).
2 people found this helpful
Reviewed in the United States on January 2, 2019
I'm loving this book. Great book!!!
Reviewed in the United States on August 5, 2005
The book is very disappointing in that the author does not show explicitly how to create and code viruses. The author explains in the preface that he does not include such code because of its obvious dangers. This reviewer believes however that the more understanding we have of viruses the better we can deal with their threats. We need to understand just what is possible, and this can only be done by creating viruses that may or may not be hazardous to computer systems. The more viruses that we create and then study the more we can guard against their infection. This goes for computer viruses as well as biological ones. Yes, there are dangers involved in doing this, but these dangers are nullified by the tools and artificial immune systems that we create in the process of studying viruses.

The book of course is not without its merits, one of these being the discussion of the history of computer viruses, which the author includes in the first chapter of the book. The designation "computer virus" was done in 1984, at which time a formal mathematical model was created for computer viruses. The author defines a computer virus as being a program that can recursively and explicitly copy a possibly evolved version of itself. This definition he says covers the notion of a `companion virus', which does not necessarily modify the code of other programs.

The author is also very thorough in his treatment of the different viruses and their association with specific computer platforms. In addition, he gives a detailed treatment of how to analyze a computer virus using disassemblers, debuggers, emulators, virtual machines, virus test networks, and unpackers, along with various other tools. Readers will definitely benefit from knowledge of assembly code.

For non-experts in virus research (such as this reviewer) but who have a strong mathematical background, a natural question to ask is whether one could develop a highly sophisticated computer immune system that would be able to detect any kind of computer virus within a reasonable time scale. The author believes that this cannot be accomplished, quoting a result by the mathematician Frederick Cohen (the inventor of the term "computer virus") indicating that such an immune system is not possible. The Cohen proof is not included in the book unfortunately, but a perusal of the literature will reveal that the proof is based, as expected, on the theory of computability and Turing machines. What Cohen showed was that the detection of generic computer viruses is undecidable by showing that if such a procedure existed, it would solve the halting problem for Turing machines.

Given the Cohen result, it is appropriate to ask whether viruses can come in such a wide variety as to make their detection and annihilation unique to the actual virus. In addition, it would appear that after a reasonable amount of time, it would become more difficult for virus writers to come up with `exotic' viruses that elude detection. Have most of the effective or interesting viruses already been invented, and therefore countered, by anti-virus programs? When reading this book one gets the impression that this is the case. However, the author shows that such a judgment would be premature, and he spends a fair amount of time in the book discussing possible future developments in computer viruses, particularly in distributed environments.

Even if virus writers are exhausting the possibilities for effective viruses, they can still find ways of evading the detection programs, using encryption for example. The author discusses several different approaches to the encryption of viruses, all of these having varying degrees of success, depending of course on the resources and knowledge base of the virus analyst. An interesting topic discussed in this connection is the origin of `oligomorphic' viruses, which change their decryptors in new generations. The `polymorphic' viruses, which are the next stage in complexity, are also discussed in this context, these allowing the mutation of their decryptors in possibly millions of different forms. When a virus is able to create new generations of itself that look different, it is called a 'metamorphic' virus. The author gives examples of these, how they are detected, and the possibility of using them to construct a virus generator able to create new virus mutations on the fly without any human intervention. One of the metamorphic viruses, named W95/Zmist, is described by the author as being one of the most complex binary viruses ever created. For that reason it is discussed in detail in the book. This discussion is fascinating reading, and one would have hoped that the source code was supplied in the book in order to allow responsible and curious individuals to create the W95/Zmist virus and study its behavior in real systems under controlled laboratory conditions.

The author does not distinguish between computer worms and viruses, except to say that the former are sometimes distinguished from the latter in the way they infect networks. A worm does not usually need to infect files but can propagate as a standalone program. However, the author gives examples of worms that do propagate by the infection of files. Illicit information gathering is the purpose of most worms, and the author discusses several different techniques that worms use to obtain this information. Particularly interesting to read about are the different techniques that computer worms use to propagate themselves. One of these involves instant messaging, which because of its popularity will certainly be one that is given more attention by future attackers.

Virus writers will become more creative in the future, and their efforts will no doubt be discussed in future editions of this book. But it is the more subtle approaches that remain undiscovered that are the most devastating to both individuals and businesses. One gets the impression when reading this book that most of the viruses are created by pranksters who gain emotional reinforcement by the success of the exploits. The antivirus defense techniques work in the latter but not the former.
23 people found this helpful
Reviewed in the United States on November 9, 2017
Very informative
Reviewed in the United States on December 23, 2014
Phenomenal read, although getting a bit dated
Reviewed in the United States on May 29, 2016
Powerful and clear guidebook, essential for understanding threats and countermeasures.

Top reviews from other countries

Amazon Customer
5.0 out of 5 stars Excellent Service
Reviewed in Canada on August 13, 2018
A great intro for malware analysis!
Cliente Kindle
5.0 out of 5 stars Needs no comment
Reviewed in Brazil on November 10, 2017
This book needs no comment; it is simply a must-read for every information security professional, a masterpiece!