reading_list.md

Reading list for Computer Security

Week 1

• Ethics in Information Security - IEEE Security & Privacy, May/June 2017, pp. 3-4, vol. 15, DOI Bookmark: 10.1109/MSP.2017.75
• ACM Code of Ethics and Professional Conduct

Week 3

• K. S. Wilson, "Conflicts Among the Pillars of Information Assurance," in IT Professional, vol. 15, no. 4, pp. 44-49, July-Aug. 2013, doi: 10.1109/MITP.2012.24.
• H. Sinanović and S. Mrdovic, "Analysis of Mirai malicious software," 2017 25th International Conference on Software, Telecommunications and Computer Networks (SoftCOM), Split, 2017, pp. 1-5, doi: 10.23919/SOFTCOM.2017.8115504.
  • Mirai Source Code
• A. Woodiss-Field and M. N. Johnstone, "Assessing the Suitability of Traditional Botnet Detection against Contemporary Threats," 2020 Workshop on Emerging Technologies for Security in IoT (ETSecIoT), Sydney, Australia, 2020, pp. 18-21, doi: 10.1109/ETSecIoT50046.2020.00008.
• Scott R. Fluhrer, Itsik Mantin, and Adi Shamir. 2001. Weaknesses in the Key Scheduling Algorithm of RC4. In Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography (SAC '01). Springer-Verlag, Berlin, Heidelberg, 1–24.
• Hal Berghel and Jacob Uecker. 2005. WiFi attack vectors. Commun. ACM 48, 8 (August 2005), 21–28. DOI:https://doi.org/10.1145/1076211.1076229
• K. Lounis and M. Zulkernine, "Attacks and Defenses in Short-Range Wireless Technologies for IoT," in IEEE Access, vol. 8, pp. 88892-88932, 2020, doi: 10.1109/ACCESS.2020.2993553.

Week 4

• D. E. Denning, "An Intrusion-Detection Model," in IEEE Transactions on Software Engineering, vol. SE-13, no. 2, pp. 222-232, Feb. 1987, doi: 10.1109/TSE.1987.232894.
• R. A. Kemmerer and G. Vigna, "Intrusion detection: a brief history and overview," in Computer, vol. 35, no. 4, pp. supl27-supl30, April 2002, doi: 10.1109/MC.2002.1012428.
• S. Wang, C. Xia and T. Wang, "A Novel Intrusion Detector Based on Deep Learning Hybrid Methods," 2019 IEEE 5th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS), Washington, DC, USA, 2019, pp. 300-305, doi: 10.1109/BigDataSecurity-HPSC-IDS.2019.00062.
• The NSL-KDD dataset.

Week 5

• Brief History of Windows Security.
• Windows Consumer Security circa Oct 2020
• Windows Enterprise Security circa Oct 2020

Week 6

• Harbian on Github
• S. Grzonkowski, A. Mosquera, L. Aouad and D. Morss 'Smartphone security: an overview of emerging threats', IEEE Consumer Electronics Magazine 3(4) Oct 2014, pp.40–44.
• Wang, Y., W. Cai, T. Gu and W. Shao 'Your eyes reveal your secrets: an eye movement based password inference on smartphone', IEEE Transactions on Mobile Computing 19(11) 2020, pp.2714–2730.
• S. Sultan, I. Ahmad and T. Dimitriou, "Container Security: Issues, Challenges, and the Road Ahead," in IEEE Access, vol. 7, pp. 52976-52996, 2019, doi: 10.1109/ACCESS.2019.2911732.

Week 7

• Buchanan, W.J. Cryptography. (Denmark: River Publishers, 2017) pp.1–11.

Week 8

• Transposition cipher.
• Generate a cipher challenge at https://asecuritysite.com/encryption/ctf
• Playfair substitution cipher, pp.11–16.
• Vigenere, pp.17–19.
• Frequency analysis - Buchanan, William J.. Cryptography, River Publishers, 2017. pp.44–48.

Week 9

• Read pages 143-152 of Buchanan, William J.. Cryptography, River Publishers, 2017.
• RSA encryption
• http://www.geometer.org/mathcircles/RSA.pdf

Week 10

• Chief Security Office 'Security standard - use of cryptography (SS-007)', Department for Work & Pensions (March 2020).

Week 11

• Hashing - Buchanan, W.J. Cryptography. (Denmark: River Publishers, 2017) Chapter 3 Hashing pp. 87-112.

Week 12

• Buchanan, W.J. Cryptography. (Denmark: River Publishers, 2017) Chapter 10 Blockchain and crypto-currency pp.303-311.
• Wikipedia entry for cyclic redundancy checks.

Week 13

• Blockchain Technologies for the Internet of Things: Research Issues and Challenges.

Week 17

• Clark, D.D. and D.R. Wilson 'A comparison of commercial and military computer security policies' 1987 IEEE Symposium on Security and Privacy.
• Brewer, D.F.C. and M.J. Nash 'The Chinese Wall Security Policy' Proceedings 1989 IEEE Symposium on Security and Privacy.

Week 18

• McLean, J. 'The specification and modeling of computer security' Computer 23(1) 1990.
• Bell, D.E and L.J LaPadula 'Secure computer systems: Mathematical foundations' MITRE Technical Report 2547, Volume 1, 1973 (electronic reconstruction by L. LaPadula).
• 'Integrity considerations for secure computer systems' MITRE Technical Report 3153, 1977.
• Scott Graham, G. and P.J. Denning 'Protection: principles and practice', AFIPS '72 (Spring): Proceedings of the May 16-18 1972, Spring Joint Computer Conference 1971, pp.417-29.

Week 19

• Bulgurcu, B., H. Cavusoglu and I. Benbasat 'Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness', MIS Quarterly 34(3) 2010, pp.523-48.

Week 20

• Kubesch, A.S. and S. Wicker 'Digital rights management: The cost to consumers [Point of View]', Proceedings of the IEEE 103(5) 2015, pp.726-33.
• Corfield, G. 'Why, yes, you can register an XSS attack as a UK company name. How do we know that? Someone actually did it', The Register October 2020.
• Eckert, J. 'How little Bobby Tables ruined the internet' 2018.
• Biography of Edward Snowden.