I got word this morning that the article I wrote for the Digital Investigation journal has been published online via ScienceDirect. The article is titled, "Instant messaging investigations on a live Windows XP system".
I'm currently working on another article entitled, "Malware Analysis for Windows Administrators". This one is going to be more indepth and technical, but I'm not going to address issues of disassembly and debugging. Why is that, you ask? Well, from my experience, most folks (not just Windows admins) aren't really familiar with debugging and disassembly. I took assembly language programming for the Motorola 68000 microprocessor while I was in grad school, and if it's not something that you do and do consistently, it really doesn't stay with you. However, I do think that the steps I'm outlining for both static and dynamic analysis of malware will be extremely useful to Windows administrators, incident responders, and a wide variety of other folks who are just interested in finding out what that odd piece of software does.
No comments:
Post a Comment