Suggested Reads
Posted on January 01, 2015 in misc • 2 min read
Read these first:
Papers (all of these can be found on Google Scholar):
- An intrusion-detection model (1987) - Denning
- The SRI IDES statistical anomaly detector (1991) - Javitz and Valdes
- Self-nonself discrimination in a computer (1994)
- A sense of self for Unix processes (1996) - Forrest
- Role-based access control models (1996) - Sandhu
- The base-rate fallacy and its implications for the difficulty of intrusion detection (1999) - Axelsson
- Bro: a system for detecting network intruders in real-time (1999) - Paxson
- Intrusion detection via static analysis (2001) - Wagner and Dean
- How to Own the Internet in Your Spare Time (2002) - Staniford
- Mimicry attacks on host-based intrusion detection systems (2002)
- Formalizing sensitivity in static analysis for intrusion detection (2004) - Feng
- Semantics-aware malware detection (2005)
- Modeling Botnet Propagation Using Time Zones (2006) - Dagon
- Polymorphic Blending Attacks (2006) - Fogla
- BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection (2008) - Gu
- All your iframes point to us (2008)
- Increased DNS Forgery Resistance Through 0x20-Bit Encoding (2008)
- Impeding Malware Analysis Using Conditional Code Obfuscation (2008)
- BitBlaze: A new approach to computer security via binary analysis (2008)
- Outside the Closed World: On Using Machine Learning for Network Intrusion Detection (2010)
- Detecting Malware Domains at the Upper DNS Hierarchy (2011)
- GQ: Practical containment for measuring modern malware systems (2011)
- From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware (2012)
- A11y Attacks: Exploiting Accessibility in Operating Systems (2014)
- Gyrus: A framework for user-intent monitoring of text-based networked applications (2014)
- Towards Making Systems Forget with Machine Unlearning (2015)
- Automatically Evading Classifiers: A Case Study on PDF Malware Classifiers (2016)
- Spotless Sandboxes: Evading Malware Analysis Systems using Wear-and-Tear Artifacts (2017)
- The Battle for New York: A Case Study of Applied Digital Threat Modeling at the Enterprise Level (2018)
- An Observational Investigation of Reverse Engineers’ Processes (2020)
- An Inside Look into the Practice of Malware Analysis (2021)
- Dos and Don'ts of Machine Learning in Computer Security (2022)
- Everybody’s Got ML, Tell Me What Else You Have: Practitioners' Perception of ML-Based Security Tools and Explanations (2023)
- Humans vs. Machines in Malware Classification (2023)
Top-tier academic cybersecurity conferences:
- S&P: https://www.ieee-security.org/TC/SP-Index.html
- USENIX Security Symposium: https://www.usenix.org/conferences
- CCS: https://www.sigsac.org/ccs.html
- NDSS: https://www.ndss-symposium.org/
Mailing lists:
- https://devblogs.microsoft.com/oldnewthing/
- https://krebsonsecurity.com/
- https://unit42.paloaltonetworks.com/
- https://cloud.google.com/blog/products/identity-security
- https://machinelearningmastery.com/
- https://www.internetgovernance.org/
- https://www.crossborderdataforum.org/
- https://0x00sec.org/
- https://www.welivesecurity.com/
- https://any.run/cybersecurity-blog/
- https://www.vmray.com/cyber-security-blog/
- https://redcanary.com/blog/
RSS feeds:
- https://exploit.in/
- https://ctftime.org/
- https://www.mandiant.com/
- https://www.microsoft.com/en-us/security/blog/
- https://googleprojectzero.blogspot.com/
- https://signal.org/blog/
- https://blog.virustotal.com/
- https://blogs.vmware.com/security/
Books:
- Practical Malware Analysis (Sikorski and Honig)
- Linkers & Loaders (Levine)
- Rootkits (Butler and Hoglund)
- Machine Learning (Mitchell)
- Deep Learning with Python (Chollet)
- Introduction to Modern Cryptography (Katz and Lindell)
- Computer Networking (Kurose and Ross)
- Introduction to the Theory of Computation (Sipser)
- Style: Lessons in Clarity and Grace (Williams and Colomb)