Sunday, July 09, 2006

Security Research Reference Coverage

I’ve recently started getting more requests on participating or guiding to a certain extend, student theses and various other research papers. There's nothing more pleasant than exchanging points of view, don't preach, but teach and question everything is what I have in mind. So, I've decided to share some publications featuring some of my previous papers, and by the way, I'm very near to releasing two research papers on hot topics that emerged during 2006, so stay tuned!

Online Media
- Quoted in an article by Arthur G. Insana for ImediaConnection.com back in 2004, discussing the various threats posed by trojan horses. Trouble is, I'm no longer affiliated with the company. Respect the individual!
- Quoted in an article by Bill Brenner on the "Storm Worm" and social engineering when it comes to malware in general
- My paper on the future trends of malware got Slashdotted
- Security.nl covered the International Exploits Shop in an article
- Yet another article at Security.nl this time regarding my future trends of malware paper.
- Marc Olanié at Reseaux-Telecoms.net has been writing lots of articles regarding my research worth going through
- Microsoft, concepteur de virus
- Des truands, des failles, du business...
- Danchev sur l'Achat de failles
- Bientôt, le virus et l'attaque DoS on demand
- Encore et toujours F-Secure/Kaspersky...
- Clusif : le rapport criminalité 2005, chantages et escroqueries
- Le Cyber-Jihad fait trembler l'Amérique
- La vie secrète du phishing : 20/20 en éco et géographie
- Symantec : Boulevard du crime... et au delà

Research Papers/Academic
- Future of Malicious Code references my future trends of malware paper. Here's the French version
- Entwurf eines Kunstlichen Immunsystems zur Netzwerkuberwachung auf Basis eines Multi-Agenten-Systems references future trends of malware
- Limiting Vulnerability Exposure through effective Patch Management: Threat Mitigation Through Vulnerability Remediation references my best practices on security policies
- Developing a Security Policy refences my paper on security policies
- Policy Review references my paper on security policies

- Hu Xiaodong, “Security Centre for an Enterprise thesis”, CS Department, Stockholm’s University, references Building and Implementing a Successful Information Security Policy

- Jinqiao Yu, "TRINETR: An Intrusion Detection Alert Management and Analysis System dissertation", College of Engineering and Mineral Resources at West Virginia University, references Building and Implementing a Successful Information Security Policy

- Philippe Farges and Annick Tremblet, "Project on Trojans", Department of Computer Science Linkoping Institute of Technology, Sweden, references The Complete Windows Trojan Paper
- Fausi Qattan & Fredrik Thernelius, "Deficiencies in Current Software Protection Mechanisms and Alternatives for Securing Computer Integrity", Department of Computer and Systems Sciences
Stockholm University - Royal Institute of Technology, references The Complete Windows Trojan Paper
- Computer Knowledge, "Virus Tutorial" references The Complete Windows Trojan Paper
- Reyes, Juan Carlos, "Una Aproximación Teórica a la Prevención del Factor Humano en la Seguridad Informatica", references Reducing "Human Factor" Mistakes
- Rezan Fisli, "Secure Corporate Communications Over VPN-Based WANs", references Building and Implementing a Successful Information Security Policy
- Vo Khac Thanh, "An IT security policy framework", Asian Institute of Technology SAT : School of Advanced Technologies, references Building and Implementing a Successful Information Security Policy
- Rohmadi Hidayat, "Deteksi Trojan Dan Penanganannya", references The Complete Windows Trojan Paper
- Robert J. Kaufman III, "Susceptibilities Policy Review (Top-Down Methodology) Lesson 7 PPT", The University of Texas at San Antonio, College of Business, references Building and Implementing a Successful Information Security Policy
- "Trends of Spyware, Viruses and Exploits", references Malware - it's getting worse
- Steven M. Michnick, "Information Security Framework for Small and Medium Sized Businesses", references Passwords - Common Attacks and Possible Solutions
- Samer Catalan, "Trojan Horses", RWTH Aachen University, references The Complete Windows Trojan Paper
- Stephen M. Specht and Ruby B. Lee, "Distributed Denial of Service: Taxonomies of Attacks, Tools, and Countermeasures", Proceedings of the 17th International Conference on Parallel and Distributed Computing Systems, International Workshop on Security in Parallel and Distributed Systems, references The Complete Windows Trojan Paper

- Delwyn Lee, Adam Marks, David Bell, “Student Residence Secure Solutions Analysis of ResNet Security”, references Building and Implementing a Successful Information Security Policy

- Clarissa L. Evans Brown, “A Policy to prevent outsider attacks on the local network”, GSEC Practical Assignment, references Building and Implementing a Successful Information Security Policy

- Hatim Ali Badr, “Online home users Defense in Depth”, GIAC Practical Assignment, references The Complete Windows Trojan Paper

- Tim Strong, “PestPatrol in a Corporate Environment: A Case Study in Information Security” – GIAC Practical Assignment, references The Complete Windows Trojan Paper's Future of Trojans section

- Sorcha Canavan, "An Information Policy Development Guide for Large Companies" – GSEC, Practical Assignment, references Building and Implementing a Successful Information Security Policy

- Gregory R. Panakkal, “Advanced Survival Techniques in Malware”, Cochin University of Science and Technology, references The Complete Windows Trojan Paper

- Michael D. Thacker, "Effective Security Policy Management” – Virus Bulletin 2005 Conference, references Building and Implementing a Successful Information Security Policy

- My paper regarding security policies has been discussed in a network security course at the George Mason University

- University of Melbourne’s Network Security Course teaches on my security policies publication

- University of Houston are giving assignments on my security policies publication

- Tim Lackorzynski, "Future Trends of Malware PPT", Fakultät Informatik, Technische Universität Dresden, Proseminar Dependable Systems is discussing my "Malware - Future Trends" research
- Widener University have included my "Steganography and Cyber Terrorism Communications" in their forensics course reading materials