Annotated bibliography
Safe computing: Understanding computer viruses, Internet hoaxes, and network security
by Zhizhong Li
November 7, 2001
Anti-virus white papers. (2001). Itpaper.com [On-line]. Available: http://www.itpapers.com/cgi/SubcatIT.pl?scid=276
In the IT community, a White Paper is an informational brief that offers an overview of a technology, product, issue, standard, policy, or solution, its importance, use and implementation, and business benefits. White Paper has emerged as the standard way of communicating more in-depth information to IT and business decision-makers in terms of problems solved and market addressed.
This source is a list of anti-virus White Papers. Each White Paper either addresses an issue related to computer virus or offers detailed information of a specific virus.
Brock, J. L. (2000). Critical infrastructure protection: 'I LOVE YOU' computer virus highlights need for improved alert and coordination capabilities [On-line]. Available: http://purl.access.gpo.gov/GPO/LPS14762
This is the statement made by Jack L. Brock, Jr., director of governmentwide and Defense Information Systems, Accounting and Information Management Division, before the Subcommittee on Financial Institutions, Committee on Banking, Housing and Urban Affairs, U.S. Senate/United States General Accounting Office.
In his statement Brock talks about the damages caused the by 'I LOVE YOU' computer virus and the necessity of improving alert and coordination capabilities in different industries to prevent the virus invasion.
Bowyer, K. W. (2001). Ethics and computing: Living responsibly in a computerized world. New York: IEEE Press.
This book promotes awareness of major issues and accepted procedures in the area of ethics and computing. It is designed to encourage critical thinking. The book also covers current ethical issues and responsibilities in this computerized world.
The fourth chapter of this book covers the topics related to hacking and computer system security. According to Bowyer, hacking behaviors include creation of virus programs, creation of worm programs, creation of Trojan horse programs, creation of logic bomb programs, and use of password sniffing to break into accounts. This chapter also talks about the consequences of hacking and how to prevent it.
Brian, M. (2001). How computer viruses work? [On-line]. Available:
http://www.howstuffworks.com/virus.htm/printable
Brian talks about how computer viruses work by explaining the definitions of viruses, e-mail viruses, worms, and Trojan horses and the methods they use to attack computers and networks. The author also tried to analyze the origins of people create computer viruses.
Cavazos, E. A., & Morin, G. (1994). Cyberspace and the law: Your rights and duties in the on-line world. Cambridge, Mass.; London, England: MIT press.
This book is mainly for the members of the online world who have little or no legal training. It covers a wide range of legal issues that a user is likely to encounter online. Chapter seven talks about cyber-crimes. It outlines the most important federal and state criminal laws that regulate online activities. This chapter explores topics from credit card fraud to computer viruses.
Cohen, F. B. (1994). A short course on computer viruses. New York: Wiley.
Frederick B. Cohen is an internationally acclaimed pioneer in the field who actually coined the phrase 'computer virus.' Both broad in its coverage and deep in its consideration, this book includes dozens of lucid explanations and examples that amicably guide the reader through the complex, often convoluted subject matter. Cohen also offers discussion of defensive strategies and an analysis of the epidemiology of computer viruses.
Denning, D. E., & Denning, P. J. (Eds.). (1998). Internet besieged: Countering cyberspace scofflaws. New York, N.Y.: ACM Press; Reading, Mass.: Addison Wesley.
This book consists of 34 original and recently published chapters written by leading figures in security. The articles range from technical explanations of encryption and intrusion-detection systems to popular accounts of hacker attacks.
The articles are grouped in five parts. The six chapters in Part One describe the emergence of the Internet and the attendant new practices into which people have entered. The ten chapters of Part Two focus on the major patters of weaknesses in Internet-connected computer systems. The five chapters of Part Three describe how cryptography has helped to secure computers and data on the Internet. The five chapters of Part Four deal with electronic commerce, the most challenging environment of security technologies. The eight chapters of Part Five cover the practices, laws, and policies that make up the 'playing field' for human interactions on the Internet.
Delger, H. (2001). Computer virus help [On-line]. Available: http://pages.prodigy.net/henri_delger/index.htm
This is the link of Computer Virus Help Îs Web site, which has been online since 1995. The site provides answers to computer virus-related questions. With its sub-pages, this site provides general information about computer viruses, worms, and Trojan horses, links to anti-virus vendors and encyclopedias, how to prevent viruses, recovery from data disaster, and virus-related hoaxes and chain letters.
Ferbrache, D. (1992). A pathology of computer viruses. London, New York: Springer-Verlag.
This book is a detailed overview of the history of computer viruses and an in-depth technical review of the principles of computer virus and worm operation under DOS, Mac, and Unix operating systems. Ferbrache addresses the developments in 'stealth' virus operation, specifically the trend of virus authors to adopt extensive camouflage and concealment techniques, which allow viruses to evade both existing anti-viral software and to avoid detection by direct observation of machine behavior. This book is a good source reference work detailing all aspects of the computer virus threat.
Fernandez, J. N. (1997). MIME, UUENCODE, & ZIP. New York: MIS Press.
Although this book is about how to compress, decompress, encode, and decode files, it does offer its Chapter Four talking about computer viruses. In this chapter, Fernandez talked about her own experience with viruses. She also introduced different types of computer viruses and how to prevent them.
Fites, P. E., Johnston, P., & Kratz, M. (1992). The computer virus crisis. New York: Van Nostrand Reinhold.
This book contains five kinds of information: general information about the computer virus phenomenon, information and checklists to help you with a virus problem, references for other reading on viruses and related issues such as information systems security, moderately technical information, and reviews of antiviral products, in Appendices A and B, and definitions, in the Glossary.
FitzGerald, N. (1995). Frequently asked questions on Virus-L/comp.virus [On-line]. Available: http://www.bocklabs.wisc.edu/~janda/virl_faq.html
This is a comprehensive source designed to answer some frequently asked questions about computer viruses. Virus-L and comp.virus are discussion forums that focus on virus issues. The whole work has three sections. The first section covers information of Virus-L/comp.virus and anti-virus software. The second one mainly deals with definitions and jargons of computer viruses. The third section is about virus detection. This document is a large file, and its printout has 42 pages.
Full hoax index. (2001). CIAC [On-line]. Available: http://hoaxbusters.ciac.org/HBHoaxIndex.html
This is a full hoax index list, and it is updated. This list contains different types of Internet hoaxes, including malicious code warnings, give away hoaxes, chain letters, urban myths, sympathy hoaxes, threat chains, inconsequential warnings, scam chains, scare chains, and true legends.
Hoffman, L. J. (Eds.). (1990). Rogue programs: Viruses, worms, and Trojan horses. New York: Van Nostrand Reinhold.
This is a fairly old source about computer viruses. Lance J. Hoffman is known for his pioneering research on computer security and risk analysis, especially the application of fuzzy set theory in analyzing the vulnerabilities of computer systems and the automation of the computer security risk analysis process.
There are five parts in this book. The first part contains overview material on virus identification, prevention, detection, and mitigation, as well as a comparison with immunology in the medical world. The next part discusses societal, legal and ethical issues that are often ignored by the technical community but that will ultimately be resolved with or without its input to policymakers. The third part examines virus attacks on personal computer systems and defenses against these attacks. The next part deals with attacks of rogue programs (usually worms rather than viruses) on networks and what can be done to prevent or mitigate them. The last part presents some theoretical models of computer viruses.
Hruska, J. (1990). Computer viruses and anti-virus warfare. New York: Ellis Horwood.
This is another fairly old source that provides a framework for discussing a wide variety of virus-related issues. Answers of following questions can be found in this book. How can a virus penetrate a computer? What does a virus consist of? How complicated is it to write a virus? Who writes viruses? How does one protect against viruses? How effective is anti-virus software?
Information about hoaxes. (2001). CIAC [On-line]. Available: http://hoaxbusters.ciac.org/HBHoaxInfo.html
Hoaxbusters is a public service of the Computer Incident Advisory Capability (CIAC) team and the U.S. Department of Energy. This source contains information about the definitions of Internet hoaxes and chain letters, the risk and cost of hoaxes, how to recognize hoaxes and chain letters. This document also analyzes the reasons why people send chain letters and hoaxes messages.
Jacobson, R.V. (1990). The PC virus control handbook: A technical guide to detection, identification, disinfection, and investigation: Includes model policy and procedures. San Francisco, CA: Miller Freeman Publications.
This four-chapter book is designed to help PC users to cope with the growing incidence of virus infections. The first chapter defines the term computer virus, and describes how viruses spread from one PC to another. It also covers four different kinds of virus infection mechanisms, the special problems created by the stealth virus technology, and a discussion of virus detection techniques. Chapter Two discusses the procedure for responding to reports of virus infections, and checklists of overt indicators for identifying viruses. The third chapter has detailed instructions on how to disinfect PCs and how to investigate the source of the virus infection. Chapter Four presents prototype statements of realistic anti-virus policy and procedures.
Kane, P. (1994). PC security and virus protection handbook: The ongoing war against information sabotage. New York: M&T Books.
This is another security and virus protection book for PC users. In this book, Kane unlocks the secrets of PC operation to make users prepared for possible disasters and understand how to avoid them before they occur and how to handle them if they occur. This book also provides an excellent explanation of computer viruses and offers helps in protecting PC system from attack.
Karlson, D.K. (1990). Computer viruses: A protection guide for microcomputer users. Arlington, VA: ADAPSO, the computer software and services industry association.
This is a 13-page manual that offers solutions of defending against computer virus. Although this source was published ten years ago, it can still give todayÌs computer users a good overview of computer viruses and protection procedures.
Louw, E., & Duffy, N. (1992). Managing computer viruses. Oxford; New York: Oxford University Press.
This book is for practicing top, senior, user, and information systems managers, as well as information security professionals and management students. It approaches computer viruses from a management perspective, and the discussion is at a conceptual rather than a technical level. This book presents a concise overview of the problem and a detailed framework for dealing with computer viruses in organizations. It also has a number of useful technical appendices and an in-depth insight into the biological analogy.
Mayo, J. L. (1989). Computer viruses: What they are, how they work, how to avoid them. Blue Ridge Summit, PA: Windcrest.
This book unravels the mystery of computer viruses, Trojan horses, worms, and logic bombs. The first part of the book introduces the subject of computer viruses and related virus-type programs. The second part addresses the computer virus problem and solutions specifically towards the IBM-PC and compatible family of computers.
McAfee, J., & Haynes, C. (1989). Computer viruses, worms, data diddlers, killer programs, and other threats to your system: What they are, how they work, and how to defend your PC, Mac, or mainframe. New York: St. MartinÌs Press.
This book is a good source for understanding computer viruses and virus protection. Chapter 10 provides useful tips about how to recover from virus infection. Chapter 11 offers essential strategies to guard against virus attacks.
MS-DOS anti-virus tools. (2001). CIAC [On-line]. Available: http://ciac.llnl.gov/ciac/ToolsDOSVirus.html
This is the archive of anti-virus tools on CIACÌs site. Each tool has a short description and a free download link.
Polk, W. T. (Eds.). (1995). Anti-virus tools and techniques for computer systems. Park Ridge, N.J.: Noyes Data Corp.
This book is specifically for computer virus prevention. The first part provides criteria for judging the functionality, practicality, and convenience of anti-virus tools. It helps readers determine which tools are best suited to target environment. The second part offers guidance for managing the threats of computer viruses and related software and unauthorized use.
Speakers and Panels. (2000). H2K [On-line]. Available: http://www.h2k.net/post/panels.html
This is a collection of speakers and panels on the Hackers on Planet EarthÌs Web site. The site offers downloading MP3 or Real Audio to let user experience the speakersÌ talks. Users with broadband can also enjoy the streaming RealAudio of the talks. One speech by Robert J. Lupo discusses on how computer viruses work, the different types and styles, and what the future holds.
Summers, W. (2001). Is there a security problem in computing? [On-line]. Available: http://jaring.nmhu.edu/notes/security.htm
Wayne summers is a computer science professor at the New Mexico Highlands University. In this document, he talks about security issues in computing. He explains different types of viruses and offers helpful tips on safe computing.
Wells, J. (2001). Virus descriptions of viruses in the wild [On-line]. Available: http://www.datafellows.com/virus-info/wild.shtml
This updated list contains the latest wild list collected by the Wildlist Organization. Each virus name is linked to the virus descriptions at F-Secure virus description database. The viruses on the list are reported by different participants all over the world.
Widespread Virus Myths. (1999). Stiller Research [On-line]. Available: http://www.stiller.com/myths.htm
This document from the Stiller Research debunks the common myths and misunderstandings regarding viruses. The article is in a Q&A format, which makes it easy to understand. Understanding these widespread virus myths can help users prevent from virus attacks more effectively.