Suggested Reads

Posted on January 01, 2015 in misc • 2 min read

Read these first:

  • How to read a paper (2007): link
  • How (and how not) to write a good systems paper: link

Papers: You can find all of these on Google Scholar

  • An intrusion-detection model (1987) - Denning
  • The SRI IDES statistical anomaly detector (1991) - Javitz and Valdes
  • Self-nonself discrimination in a computer (1994)
  • A sense of self for unix processes (1996) - Forrest
  • Role-based access control models (1996) - Sandhu
  • The base-rate fallacy and its implications for the difficulty of intrusion detection (1999) - Axelsson
  • Bro: a system for detecting network intruders in real-time (1999) - Paxson
  • Intrusion detection via static analysis (2001) - Wagner and Dean
  • How to Own the Internet in Your Spare Time (2002) - Staniford
  • Mimicry attacks on host-based intrusion detection systems (2002)
  • Formalizing sensitivity in static analysis for intrusion detection (2004) - Feng
  • Semantics-aware malware detection (2005)
  • Modeling Botnet Propagation Using Time Zones (2006) - Dagon
  • Polymorphic Blending Attacks (2006) - Fogla
  • BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection (2008) - Gu
  • All your iframes point to us (2008)
  • Increased DNS Forgery Resistance Through 0x20-Bit Encoding (2008)
  • Impeding Malware Analysis Using Conditional Code Obfuscation (2008)
  • BitBlaze: A new approach to computer security via binary analysis (2008)
  • Outside the Closed World: On Using Machine Learning for Network Intrusion Detection (2010)
  • Detecting Malware Domains at the Upper DNS Hierarchy (2011)
  • GQ: Practical containment for measuring modern malware systems (2011)
  • From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware (2012)
  • A11y Attacks: Exploiting Accessibility in Operating Systems (2014)
  • Gyrus: A framework for user-intent monitoring of text-based networked applications (2014)
  • Towards Making Systems Forget with Machine Unlearning (2015)
  • Automatically Evading Classifiers: A Case Study on PDF Malware Classifiers (2016)
  • Spotless Sandboxes: Evading Malware Analysis Systems using Wear-and-Tear Artifacts (2017)
  • The Battle for New York: A Case Study of Applied Digital Threat Modeling at the Enterprise Level (2018)
  • An Observational Investigation of Reverse Engineers’ Processes (2020)
  • An Inside Look into the Practice of Malware Analysis (2021)
  • Dos and Don'ts of Machine Learning in Computer Security (2022)
  • Everybody’s Got ML, Tell Me What Else You Have: Practitioners' Perception of ML-Based Security Tools and Explanations (2023)
  • Humans vs. Machines in Malware Classification (2023)

Top-tier academic cybersecurity conferences: source1 & source2

Mailing lists:

RSS feeds:

Books:

  • Practical Malware Analysis (Sikorski and Honig)
  • Linkers & Loaders (Levine)
  • Rootkits (Butler and Hoglund)
  • Machine Learning (Mitchell)
  • Deep Learning with Python (Chollet)
  • Introduction to Modern Cryptography (Katz and Lindell)
  • Computer Networking (Kurose and Ross)
  • Introduction to the Theory of Computation (Sipser)
  • Style: Lessons in Clarity and Grace (Colomb)