Issue No.02 - February (2005 vol.38)
pp: 80
Forensic Discovery: The Definitive Guide to Computer Forensics, Dan Farmer and Wietse Venema. This book covers both the theory and hands-on practice of forensic discovery, introducing a powerful approach that can often recover evidence considered forever lost.

The authors draw on firsthand experience to cover subjects ranging from file systems to memory and kernel hacks to malware. They expose a wide variety of computer forensics myths that often stand in the way of success. Readers will find extensive examples from Solaris, FreeBSD, Linux, and Microsoft Windows as well as practical guidance for writing their own forensic tools.
This book can help readers understand essential forensics concepts such as volatility, layering, and trust; gather the maximum amount of reliable evidence from a running system; recover partially destroyed information and make sense of it; and timeline their system to understand what really happened and when. Readers will also learn how to uncover secret changes to everything from system utilities to kernel modules, avoid cover-ups and evidence traps set by intruders, and identify the digital footprints associated with suspicious activity. Other topics covered include understanding file systems from a forensic analyst's point of view, analyzing malware without giving it a chance to escape, capturing and examining the contents of main memory on running systems, and how to unravel an intrusion one step at a time.
A companion Web site contains complete source and binary code for the open source software the authors describe. The site also offers additional computer forensics case studies and resource links.
Addison-Wesley Professional; www.awprofessional.com; 0-201-63497-X; 240 pp.; $39.99.
Practical Software Testing: A Process-Oriented Approach, Ilene Burnstein. Software testing is rapidly evolving as a critical software engineering subdiscipline. To meet the needs of software professionals in this field, the author explains how to effectively plan for testing, design test cases, test at multiple levels, organize a testing team, and optimize testing tool use.
Using the Testing Maturity Model as a framework, the book introduces testing in a systematic, evolutionary way; describes industrial TMM applications; and covers testing topics with either procedurally based or object-oriented programming code. The book includes a sample test plan, comprehensive exercises, and definitions for software testing and quality. It introduces both technical and managerial aspects of testing in a clear and precise style and provides a balanced perspective of all aspects of testing.
Springer; www.springeronline.com; 0-387-95131-8; 706 pp.; $69.95.
Internet Denial of Service: Attack and Defense Mechanisms, Jelena Mirkovic, Sven Dietrich, David Dittrich, and Peter Reiher. This book sheds light on a complex form of computer attack that impacts the confidentiality, integrity, and availability of millions of computers worldwide. It tells the network administrator, corporate chief technical officer, incident responder, and student how hackers prepare and execute distributed denial of service attacks, how to think about DDoSs, and how to arrange computer and network defenses. It also provides a suite of actions that can be taken before, during, and after an attack.
The book gives readers comprehensive information on how denial-of-service attacks are waged, how to improve a network's resilience to denial-of-service attacks, what to do when targeted by a denial-of-service attack, and the laws that apply to these attacks and their implications. It also describes how often denial-of-service attacks occur and the kind of damage they can cause and provides real examples of denial-of-service attacks as experienced by the attacker, victim, and unwitting accomplices.
Prentice Hall PTR; www.phptr.com; 400 pp.; 0-13-147573-8; $39.99.
Autonomy Oriented Computing: From Problem Solving to Complex Systems Modeling, Jiming Liu, XiaoLong Jin, and Kwok Ching Tsui. This book provides a comprehensive reference for scientists, engineers, and other professionals concerned with this promising development in computer science. It can also be used as a text in graduate and undergraduate programs in computer-related disciplines, including robotics and automation, amorphous computing, image processing, and computational biology.
In addition to describing the basic concepts and characteristics of an autonomy-oriented computing system, the book enumerates the critical design and engineering issues faced in AOC system development. The authors offer detailed analyses of methodologies and case studies that evaluate AOC's use in problem solving and complex system modeling. The book's many illustrative examples, experimental case studies, and exercises at the end of each chapter help consolidate the methodologies and theories presented.
Kluwer Academic Publishers; www.wkap.nl; 1-4020-8121-9; x pp.; $136.