Information Security

Defending the digital infrastructure



Secure Reads: The Art of Computer Virus Research and Defense

Read a review of The Art of Computer Virus Research and Defense.

The Art of Computer Virus Research and Defense
By Peter Szor
713 pages, $49.99
Symantec Press


Need a deep, technical understanding of virus and antivirus technology? Weighing in at more than 700 pages, Virus Research and Defense is the literal "brain dump" of Peter Szor, a renowned virus expert. Nothing else even comes close in terms of giving the reader the ultimate in virus analysis theory and practice.

The book is split into the familiar dichotomy: attack methods and defense methods. In the first section, Szor sets the stage for his epic work, not only providing the computer science and mathematical theories underlying computer viruses (e.g., John von Neumann's automata models), but also recounting their history starting with the "Creeper" virus in the early 1970s. "Species" of viruses--each given a separate section--are organized in a logical hierarchy. For example, Szor divides the chapter on "Classification of Infection Strategies" into three basic sections: boot viruses, file infection techniques and Win32 viruses. A full 14 different file infection techniques are then documented--e.g., "4.2.9 Amoeba Infections"--all within this small corner of Szor's incredibly rich kingdom.

But the book goes even further, providing several additional taxonomies--code environments, infection strategies, in-memory strategies and payload types. The chapter on basic self-protection strategies that viruses use to avoid detection, analysis and/or removal teaches that both sides in the virus war are equally intellectual and technically advanced.

The serious flaw afflicting Virus Research and Defense--poor composition and writing style--is intricately tied to its greatest strength. Presentation takes a back seat to the primary goal: jamming as much technical info into a single text as possible. While incredibly well-organized, the prose reads more like a lecture transcription than a textual composition.

Weaknesses aside, Virus Research and Defense leads the way for technical virus/antivirus books. If you are tasked with the antivirus strategy for your organization, or if you seek simply to broaden your infosecurity horizons, then this book should be on your shelf.
