Defense and Detection Strategies against Internet Worms Review by Dr Anton Chuvakin
Fun book on worms? Yes!
(...)
It is not very common to see an unusual security book nowadays, as many authors cover every subject. However, such a sexy subject as worms did not, in my opinion, receive adequate coverage. This book does fill this important niche effectively!
It starts with motivation sections that, if not exciting, provide a good intro and immerse the reader in the subject and how to approach it (worm analysis principles).
It then goes into the five worm components: reconnaissance, attack, communication, command, intelligence. Lots of nice details on all worm activities are in there. One of the book's advantages is the author's clear writing style, which is easy and enjoyable to read, even if you know the subject already.
Worm traffic, as well as trends and infection patterns, is the highlight of the book. Traffic analysis (linked to worm traffic patterns) is described from the basics and lab setup to advanced worm hunting. The techniques include volume monitoring, new scans/sweeps, change in traffic for some systems, etc.
Worm history and taxonomy are also discussed. Also, worm internals and worm construction are covered in great detail. Worm detection goes beyond traffic analysis to honeypots and black hole monitors as well as signature detection.
Of course, the worm book can't be complete without defenses. The defenses go beyond worms to all malware and are classified into network and host defenses, as well as counterattacking the worm population and networks. Future worms - as usual - is the most exciting part. Overall, the book is fun and useful (in my opinion) for both researchers and practitioners. Among its negative sides I can only list its relatively high price.
(...)