New book published on antivirus research for security

April 11, 2005


ymantec Corp. has announced publication of The Art of Computer Virus Research and Defense, authored by Peter Szor, security architect for Symantec Security Response. The book provides an insider's view of how computer virus research is conducted and how threats are analyzed for the sake of better security measurement.

Szor's book focuses primarily on self-replicating malicious code from the perspective of all three infection techniques -- file/storage, in-memory, and network. As a result, Szor has developed a detailed technical guide for IT and security professionals, along with academicians and students, for understanding the methodology of computer virus analysis and protection.

"The technique for computer virus analysis is a subject that has long been overlooked in the field of publishing regarding cyber threats," said Szor. "Such techniques have yet to be discussed in sufficient length from the highly technical perspective that the subject demands -- a perspective that can only be provided by an actual professional of virus research. Therefore, this book is aimed at and will be most useful for the IT and security professional who fight against malicious code on a daily basis."

By dividing the book into two parts -- methods of attack, followed by methods of defense -- The Art of Computer Virus Research and Defense offers an encyclopedic treatment of the computer virus, including its history and evolution, behavior, classification, protection strategies and techniques, and how to conduct an accurate threat analysis.

As a security architect with Symantec Security Response, Szor designs and develops antivirus technologies for the Norton AntiVirus product line. He joined Symantec in 1999 and is the author of several U.S. patents that are pending. He is also a frequent speaker at Virus Bulletin, EICAR, Usenix Security and RSA conferences, and a regular contributor to Virus Bulletin magazine.

The Art of Computer Virus Research and Defense is the third book published by Symantec Press, the publishing arm developed by Symantec in collaboration with Addison-Wesley Professional that features books focused on critical and valuable information security topics. Purchasing information for the book and additional information on other books scheduled to be published by Symantec Press can be found at