Cyber Shelf

// Comparison

Les virus informatiques vs The Art of Memory Forensics: Which Should You Read?

Two cybersecurity books on Malware, compared honestly: who each is for, what each does best, and which to read first.

Advanced
4/52009
Les virus informatiques

Théorie, pratique et applications

Éric Filiol

The reference French academic treatment of computer virology — the theory, algorithms and practice of viruses and malicious code — by Éric Filiol, a former military cryptanalyst and one of France's leading virologists.

Advanced
5/52014
The Art of Memory Forensics

Detecting Malware and Threats in Windows, Linux, and Mac Memory

Michael Hale Ligh, Andrew Case, Jamie Levy, AAron Walters

Ligh, Case, Levy, and Walters' canonical reference on memory analysis with Volatility — the technique, the tooling, and the operating-system internals it depends on, across Windows, Linux, and macOS.

Read this if

Students, researchers and serious malware analysts who want the formal, algorithmic foundations of viral code, not just tool tutorials. Filiol writes from deep cryptanalysis and military research experience.
Incident responders, threat hunters, and malware analysts moving past disk forensics into the place where modern attackers actually live: in memory, in transit, and unbacked by files on disk. Also the textbook for the GCFA-and-beyond DFIR career path.

Skip this if

Beginners or readers wanting a practical malware-analysis walkthrough; it's rigorous, theory-first and mathematical, closer to a graduate text than a lab guide.
Beginners with no OS-internals background; the book assumes you know what a process, a handle, and a kernel object are. Also dated on Volatility 3 — written for 2.x — though the conceptual material translates cleanly.

Key takeaways

  • The canonical French-language text on the theory of computer viruses, by a recognised authority.
  • Theory- and algorithm-first: formal models of self-reproduction, detection complexity, and viral techniques.
  • Best read after a practical malware book — it explains why the techniques work, not how to click through a sandbox.
  • Memory is the only place where modern post-exploitation tools are guaranteed to be honest; the book makes that argument by showing what you can recover that disk cannot.
  • Volatility plugins are an investigative grammar — once you know the verbs, you can construct the questions; the book is the dictionary for the grammar.
  • Cross-OS memory forensics is one workflow with three dialects; the unified Windows/Linux/macOS coverage is the book's underrated structural choice.

How they compare

We rate The Art of Memory Forensics higher (5/5 against 4/5 for Les virus informatiques). For most readers, that means The Art of Memory Forensics is the primary pick and Les virus informatiques is a useful follow-up.

Both books target advanced-level readers, so the choice is about topic, not difficulty.

Les virus informatiques and The Art of Memory Forensics both cover Malware, so reading them in sequence reinforces the same material from different angles.

Keep reading

Les virus informatiques

Alternatives to Les virus informatiquesWhat to read after Les virus informatiques

The Art of Memory Forensics

Alternatives to The Art of Memory ForensicsWhat to read after The Art of Memory Forensics

Related topics

Malware