Les virus informatiques : théorie, pratique et applications vs Rootkits and Bootkits: Which Should You Read?

Two cybersecurity books on Malware, compared honestly: who each is for, what each does best, and which to read first.

Éric Filiol's reference French-language treatment of computer virology. Formal theory, infection mechanisms, offensive and defensive applications, with academic rigor rare on the topic.

Advanced · 4/5 · 2019
Rootkits and Bootkits

Reversing Modern Malware and Next Generation Threats

Alex Matrosov, Eugene Rodionov, Sergey Bratus

Matrosov, Rodionov and Bratus on persistent, deeply-embedded malware: kernel rootkits, MBR/UEFI bootkits, and the forensic techniques that surface them. Strongly Windows-internals oriented.

Read this if

  • Les virus informatiques : théorie, pratique et applications: French-reading security students, researchers, advanced malware analysts who want a formal treatment — French-language literature on the topic is thin.
  • Rootkits and Bootkits: Malware analysts who need to handle below-the-OS persistence: kernel rootkits, MBR/UEFI bootkits, hypervisor-based threats. The deep specialist text in this corner of the field.

Skip this if

  • Les virus informatiques : théorie, pratique et applications: Readers looking for a tooling manual or an introduction. Filiol writes densely; algorithmic and systems fundamentals are required.
  • Rootkits and Bootkits: Generalist malware analysts, or anyone whose work doesn't touch firmware-level threats. The book is dense and assumes Windows internals fluency; readers without that background will struggle.

Key takeaways

  • Prix Roberval 2005 (higher-education category) — one of the few French cyber books awarded at that level.
  • Filiol is a former military cryptanalyst and ran ESAT then ESIEA's virology lab; academic sourcing is visible chapter by chapter.
  • The only French-language book that treats computer virology with university-textbook rigor.
  • Bootkits and UEFI rootkits are not theoretical; the book documents real samples (LoJax, MoonBounce, BlackLotus-class) and the techniques that make them detectable.
  • Secure Boot is necessary but not sufficient; the chapters on UEFI variables and SMM trust are required reading for anyone designing platform security.
  • Forensic detection of below-the-OS threats requires platform-specific tooling; the book's coverage of memory-acquisition pitfalls and integrity verification is the practical core.

How they compare

We rate Les virus informatiques : théorie, pratique et applications higher (5/5 against 4/5 for Rootkits and Bootkits). For most readers, that means Les virus informatiques : théorie, pratique et applications is the primary pick and Rootkits and Bootkits is a useful follow-up.

Both books target advanced-level readers, so the choice is about topic, not difficulty.

Les virus informatiques : théorie, pratique et applications and Rootkits and Bootkits both cover Malware and Reverse Engineering, so reading them in sequence reinforces the same material from different angles.
