Vlasti Broucek -

This area is under constant (re)construction - please revisit often

My Own Collection

EndNote 4 file is available here (use shift-click in Netscape).

Allen, C. (2001). Surfing Between the Flags: Security on the Web, [WWW]. Australian Computer Emergency Response Team (AUSCERT). Available: http://www.auscert.org.au/Information/Auscert_info/Papers/Surfing_Between_the_Flags.html.

Anderson, M. R. (1997). Electronic Fingerprints: Computer Evidence Comes Of Age, [www]. New Technologies, Inc. Available: http://www.forensics-intl.com/art2.html.

Anderson, M. R. (1998). Computer Evidence Processing: Good Documentation Is Essential, [www]. New Technologies, Inc. Available: http://www.forensics-intl.com/art10.html.

Australian Computer Emergency Response Team. (1997, 3 October 1997). CERT(*) Coordination Center: Intruder Detection Checklist, [ftp]. Computer Emergency Response Team (CERT). Available: ftp://ftp.auscert.org.au/pub/cert/tech_tips/intruder_detection_checklist.

Australian Computer Emergency Response Team. (2000). Know Thy Attacker. Australian Computer Emergency Response Team (AUSCERT).

Australian Computer Emergency Response Team. (2000, 18 October 2001). Steps for Recovering from a UNIX or NT System Compromise, [WWW]. Australian Computer Emergency Response Team (AUSCERT). Available: http://www.auscert.org.au/Information/Auscert_info/Papers/win-UNIX-system_compromise.html.

Australian Computer Emergency Response Team. (2000, 17 April 2000). Windows 95/98 Computer Security Information, [WWW]. Australian Computer Emergency Response Team (AUSCERT). Available: http://www.auscert.org.au/Information/Auscert_info/Papers/win-95-info.html.

Australian Computer Emergency Response Team. (2000, 17 April 2000). Windows NT Intruder Detection Checklist, [WWW]. Australian Computer Emergency Response Team (AUSCERT). Available: http://www.auscert.org.au/Information/Auscert_info/Papers/win_intruder_detection_checklist.html.

Australian Computer Emergency Response Team. (2000, 21 February 2000). Distributed Denial of Service Attacks, [WWW]. Australian Computer Emergency Response Team (AUSCERT). Available: http://www.auscert.org.au/Information/Auscert_info/Papers/ddos.html.

Australian Computer Emergency Response Team. (2001, 8 October 2001). UNIX Security Checklist v2.0, [WWW]. Australian Computer Emergency Response Team (AUSCERT). Available: http://www.auscert.org.au/Information/Auscert_info/Papers/usc20.html.

Australian Computer Emergency Response Team. (2001, 8 October 2001). UNIX Security Checklist v2.0 - The Essentials, [WWW]. Australian Computer Emergency Response Team (AUSCERT). Available: http://www.auscert.org.au/Information/Auscert_info/Papers/usc20_essentials.html.

Australian Communications-Electronic Security Instructions 33 (ACSI 33): Security Guidelines For Australian Government IT Systems. (www)(1998). Kingston: Defence Signals Directorate, Commonwealth of Australia.

Bace, B. (2000). Understanding Microsoft's October 26th Incident, [www]. TripWire. Available: http://www.tripwire.com/press/beckybaceWP.cfml.

Backhouse, J., & Dhillon, G. (1999). Working towards principles for information security management in the 21 st century, [WWW]. Available: http://www.csrc.lse.ac.uk/ISSecurity.pdf.

Bates, J. (1997). Fundamentals of Computer Forensics. International Journal of Forensic Computing(January/February 1997).

Bates, J. (1998). Forensic lessons - case study. International Journal of Forensic Computing, 1998(No 20), 16-19.

Bates, J. (2001). DIVA Computer Evidence (Digital Integrity Verification and Authentication), [www]. International Journal of Forensic Computing. Available: http://www.forensic-computing.com/archives/diva.html.

Battcock, R. (1995). The Computer Misuse Act 1990: 5 years on, [www]. Available: http://www.csrc.lse.ac.uk/ComputerMisuseAct1990.htm.

Batten, L. M. (2000). Security for Future Computing Environments. Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Bedworth Case - UK. (1993). [www]. Available: http://www.eff.org/pub/Net_culture/Hackers/uk_court_acquits_teenage_hacker.article.

Bishop, M. (1995). Improving System Security via Proactive Password Checking. Computers and Security, 14(3), 249-259. Available: http://nob.cs.ucdavis.edu/~bishop/papers/Pdf/proactpw.pdf.

Bishop, M. (1997, April 1997). The State of INFOSEC Education in Academia: Present and Future Directions. Paper presented at the National Colloquium on Information System Security Education. Available: http://nob.cs.ucdavis.edu/~bishop/papers/Pdf/ncisse1997.pdf.

Bishop, M. (1999, September 1999). Vulnerabilities Analysis. Paper presented at the Recent Advances in Intrusion Detection. Available: http://nob.cs.ucdavis.edu/~bishop/papers/Pdf/vulclass.doc.pdf.

Bishop, M. (2000a, May 2000). Academia and Education in Information Security: Four Years Later. Paper presented at the Fourth National Colloquium on Information System Security Education. Available: http://nob.cs.ucdavis.edu/~bishop/papers/Pdf/ncisse2000.fm.pdf.

Bishop, M. (2000b). Education in Information Security. IEEE Concurrency, 8(4), 4-8. Available: http://nob.cs.ucdavis.edu/~bishop/papers/Pdf/educieee.fm.pdf.

Bishop, M. (2001, October 2001). E-Business Security: Fact, Fiction, or Both? Paper presented at the Infomation System Security Association Sacramento Chapter. Available: http://nob.cs.ucdavis.edu/~bishop/talks/Pdf/issa.pdf.

Bishop, M., Cheung, S., Frank, J., Hoagland, J., Samorodin, S., & Wee, C. (1997). Internet Security. IEEE Spectrum, 34(8), 56-63. Available: http://nob.cs.ucdavis.edu/~bishop/papers/Pdf/inetsec.pdf.

Borchgrave de, A., Cillufo, F. J., Cardash, S. L., & M, L. M. (2000). Cyber Threats and Information Security: Meeting the 21st Century Challenge. Washington, D.C., USA: Centre for Strategic and International Studies. Available: http://www.csis.org/homeland/reports/cyberthreatsandinfosec.pdf.

Borck, J. R. (2001, ( April 2001). Leave the cybersleuthing to the experts. InfoWorld, 23, 54.

Boulanger, A. (1998). Catapult and grappling hooks: The tools and techniques of information warfare. Systems Journal, 37(1).

Broucek, V. (1985). Aplikace expertniho systemu na diagnostiku radiolokatoru (Application of Expert System in Diagnostics of Radar). Unpublished Masters Degree Thesis, Czech Technical University, Prague.

Broucek, V., & Turner, P. (2001a, 11 July 2001). Forensic Computing: Developing a Conceptual Approach for an Emerging Academic Discipline. Paper presented at the 5th Australian Security Research Symposium, Perth, Australia.

Broucek, V., & Turner, P. (2001b). Forensic Computing: Developing a Conceptual Approach in the Era of Information Warfare. Journal of Information Warfare, 1(2).

Cheswick, W. (1998). An Evening with Berferd. In D. E. Denning & P. J. Denning (Eds.), Internet Besieged: Countering Cyberspace Scofflaws (pp. 103-116): ACM Press.

Christy, J. (1998). Rome Laboratory Attacks: Prepared Testimony of Jim Christy,Air Force Investigator, before the Senate Governmental Affairs Committee, Permanent Investigation Subcommittee, May 22, 1996. In D. E. Denning & P. J. Denning (Eds.), Internet Besieged: Countering Cyberspace Scofflaws (pp. 57-65): ACM Press.

Cresswell, E. (2000, 7 November 2000). E-terrorism. The Australian.

Date, S. (2000, January 2000). FBI uses computer forensics in case agains Lee. Government Computer News, 19, 44.

Dearne, K. (2000, 7 November 2000). Personal cyber-attacks rise. The Australian.

Dearth, D. H. (2001). Implications and Challenges of Applied Information Operations. Journal of Information Warfare, 1(1), 7-15.

Denning, D. E. (1997, 26 February 1997). Description of Key Escrow System, [www]. Available: http://www.cosc.georgetown.edu/~denning/crypto/Appendix.html.

Denning, D. E. (1999). Activism, Hacktivism, and Cyberterrorism: The Internet as a Tool for Influencing Foreign Policy, [www]. Available: http://www.nautilus.org/info-policy/workshop/papers/denning.html.

Denning, D. E., & Branstad, D. K. (1996). A Taxonomy for Key Escrow Encryption Systems. Communications of the ACM, 39(3).

Denning, D. E., & Denning, P. J. (Eds.). (1998). Internet Besieged: Countering Cyberspace Scofflaws: ACM Press.

Denning, P. J. (1998). The Internet after Thirty Years. In D. E. Denning & P. J. Denning (Eds.), Internet Besieged: Countering Cyberspace Scofflaws (pp. 15-27): ACM Press.

Department of Justice Key Escrow Procedures. (1994). [www]. Available: http://www.cpsr.org/program/clipper/doj-key-escrow-procedures.html.

Dhillon, G., & Backhouse, J. (1999). Managing for secure organisations: a critique of information systems security research approaches. Available: http://www.csrc.lse.ac.uk/IsApproaches.pdf.

Dobson, P., Wangsawidjaja, S., & Williams, M. C. (2000). A Soft Systemts Analysis of a Company with Concerns about Information Warfare. Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Doty, T. (1998). Test Driving SATAN. In D. E. Denning & P. J. Denning (Eds.), Internet Besieged: Countering Cyberspace Scofflaws (pp. 229-239): ACM Press.

Dougherty, J. J. (2001, 29 January 2001). Computer Forensics, [www]. SANS Institute. Available: http://www.sans.org/infosecFAQ/incident/comp_forensics.htm.

Dreyfus, S. (1997). Underground: tales of hacking, madness & obsession on the electronic frontier: Red Books Australia.

Etter, B. (2000a). The Challenges of E-Crime for Australasian Law Enforcement, [WWW]. Australasian Centre For Policing Research. Available: http://www.acpr.gov.au/pdf/Presentations/pmdpdec.pdf.

Etter, B. (2000b). Evaluating the Capacity to Respond to E-Crime, [WWW]. Australasian Centre For Policing Research. Available: http://www.acpr.gov.au/pdf/Presentations/Nat_Sympos.pdf.

Etter, B. (2000c). Working in Partnership: The Australasian Response to Electronic Crime, [WWW]. Australasian Centre For Policing Research. Available: http://www.acpr.gov.au/pdf/Presentations/ccrime.pdf.

Etter, B. (2001a). The Australasian Policing Response to Electronic Crime, [WWW]. Australasian Centre For Policing Research. Available: http://www.acpr.gov.au/pdf/Presentations/fbiconf.pdf.

Etter, B. (2001b). Computer Crime, [WWW]. Australasian Centre For Policing Research. Available: http://www.acpr.gov.au/pdf/Presentations/aicoutlook.pdf.

Etter, B. (2001c). E-Crime: A Global Challenge for Law Enforcement, [WWW]. Australasian Centre For Policing Research. Available: http://www.acpr.gov.au/pdf/Presentations/moscfeb.pdf.

Etter, B. (2001d). The Forensic Challenges of E-Crime, [WWW]. Australasian Centre For Policing Research. Available: http://www.acpr.gov.au/pdf/Presentations/forchall.pdf.

Etter, B. (2001e). On-line security, [WWW]. Australasian Centre For Policing Research. Available: http://www.acpr.gov.au/pdf/Presentations/BCAcoolum.pdf.

European Committee on Crime Problems, & Committee of Experts on Crime in Cyber-Space. (2001, 29 June 2001). Draft Convention on Cyber-Crime and Explanatory Memorandum Related Thereto, [www]. Council of Europe. Available: http://conventions.coe.int/Treaty/EN/projets/FinalCybercrime.htm and http://conventions.coe.int/Treaty/EN/projets/FinalCyberRapex.htm.

Even, L. R. (2000). What is a Honeypot?, [www]. SANS Institute. Available: http://www.sans.org/newlook/resources/IDFAQ/honeypot3.htm.

Farmer, D. (2000). What are MACtimes? Powerful tools for digital databases. Dr Dobb's Journal, 29(10). Available: http://www.ddj.com/articles/2000/0010/0010f/0010f.htm.

Farmer, D. (2001). Bring Out Your Dead. The Ins and Outs of Data Recovery. Dr Dobb's Journal, 30(1). Available: http://www.ddj.com/articles/2001/0101/0101h/0101h.htm.

Farmer, D., & Spafford, E. H. (1990). The COPS Security Checker System. Paper presented at the Summer USENIX Conference, Anaheim, CA.

Farmer, D., & Venema, W. (1993). Improving the Security of Your Site by Breaking Into it, [WWW]. Available: http://www.fish.com/security/admin-guide-to-cracking.html.

Farmer, D., & Venema, W. (1995). SATAN - Security Analysis Tool for Auditing Networks.

Farmer, D., & Venema, W. (1999). Murder on the Internet Express, [www]. Available: http://www.fish.com/forensics/class.html.

Farmer, D., & Venema, W. (2000). Forensic Computer Analysis: an Introduction. Reconstructing Past Events. Dr Dobb's Journal, 29(9), 70-75. Available: http://www.ddj.com/articles/2000/0009/0009f/0009f.htm.

Feldman, J. E., & Kohn, R. I. (1999). Top Ten Things to Do when Collecting Electronic Evidence, [www]. Computer Forensics Inc. Available: http://library.lp.findlaw.com/scripts/getfile.pl?file=/legpub/glass/glass000013.html.

Fogleman, R. R., & Widnall, S. E. (2001). Cornerstones of Information Warfare. Available: http://www.af.mil/lib/corner.html.

Freeh, L. J. (1999). Statement of Louis J. Freeh: 106th Congress of USA. Available: http://www.house.gov/hasc/testimony/106thcongress/99-07-13freeh.htm.

Furnell, S. M., Gennatou, M., & Dowland, P. S. (2000). Promoting security awareness and training within small organisations. Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Gamertsfelder, L. (2001, April 2001). Who rules cyberspace? Australian Personal Computer, 22, 56.

Gaskell, G. (2000a). Is AS/NZS4444 Ready for E Commerce? Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Gaskell, G. (2000b). Simplifying the Onerous Task of Writinh Security Policies. Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Gottfried, G. (2001, 1 February 2001). Taking a Byte Out of Crime - From thirteen-year-old perpetrators to rogue nation saboteurs, dangers to your organization abound. Groom your computer forensic watchdogs! Network Magazine, 90.

Grabosky, P. N. (2000). Computer Crime: A Criminological Overview.

Grabosky, P. N., Smith, R. G., & Wright, P. (1996). Crime and Telecomunications. Trends and Issues in Crime and Criminal Justice(59).

Graycar, A. (2000, 19 February 2000). Nine Types of Cyber Crime, [www]. Available: http://www.aic.gov.au/conferences/other/cybercrime.html.

Haeni, R. E. (1997a). Firewall Penetration Testing. Available: http://www.student.seas.gwu.edu/~reto/papers/firewall.pdf.

Haeni, R. E. (1997b). Information Warfare - an introduction. Available: http://www.student.seas.gwu.edu/~reto/papers/infowar.pdf.

Haeni, R. E. (1997c). Policies and Practices of Internet Servoce Provider.

Harrison, A. (2000, 2 October 2000). Stopping Attacks at Their Source. ComputerWorld, 78.

Hlaing, N. N., Clark, A., & Henderson, M. (2000). Workstation Security: The need for Evaluation. Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Hoey, A. (1998a). Analysis of the UK Police and Criminal Evidence Act, s.69 - Computer Generated Evidence [part I]. International Journal of Forensic Computing, 1998(No 15), 19-22.

Hoey, A. (1998b). Analysis of the UK Police and Criminal Evidence Act, s.69 - Computer Generated Evidence [part II]. International Journal of Forensic Computing, 1998(No16), 18-21.

Horey, J. (2001, April 2001). Amending privacy. Australian Personal Computer, 22, 52.

How the FBI Investigates Computer Crime. (2000, 27 July 2000). [www]. CERT Coordination Center. Available: http://www.cert.org/tech_tips/FBI_investigates_crime.html.

How To Eliminate The Ten Most Critical Internet Security Threaths, The Experts' Consensus, Version 1.32. (2001, January 18, 2001). [www]. The SANS Institute. Available: http://www.sans.org/topten.htm.

Hutchinson, W., & Warren, M. (2000). Using the Viable System Model to Develop an Understanding of Information System Security Threats to an Organisation. Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Increased Potential for Distributed Denial of Service (DDoS) Attacks. (2001). National Infrastructure Protection Centre. Available: http://www.nipc.gov/warnings/advisories/2001/01-026.htm.

Kelman, A. (1999a). Certainty of Rights in the Information Society, A Discussion Paper on potential barriers to creation of the Information Society, [www]. Available: http://www.csrc.lse.ac.uk/CertaintyofRights.htm.

Kelman, A. (1999b). Computer Crime in the 1990s, A Barrister's View, [www]. Available: http://www.csrc.lse.ac.uk/ComputerCrime1990s.htm.

Kelman, A. (1999c). Legal and Copyright Issues, Legal and Copyright Issues Related to Multimedia Digital Interactive Systems, [www]. Available: http://www.csrc.lse.ac.uk/Legal&Copyright.htm.

Kim, G. H., & Spafford, E. H. (1998). Tripwire: A Case Study in Integrity Monitoring. In D. E. Denning & P. J. Denning (Eds.), Internet Besieged: Countering Cyberspace Scofflaws (pp. 175-210).

Klima, V., & Rosa, T. (2001). Attack on Private Signature Keys of the OpenPGP format, PGP programs and other applications compatible with OpenPGP, [www]. Available: http://www.i.cz/en/pdf/openPGP_attack_ENGvktr.pdf.

Klooster van der, M., & Coldwell, J. (2000). Not b2b or b2c but i2s. Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Legard, D. (2001). Hackers hit U.K., U.S., Australian government Web sites, [www]. ComputerWorld. Available: http://www.computerworld.com/cwi/story/0,1199,NAV47_STO56714,00.html.

Lemos, R. (2000). Top 10 security stories of 2000 (24 December 2000), [www]. ZDNet News. Available: http://www.zdnet.com/zdnn/stories/news/0,4586,2668051,00.html.

Lemos, R. (2001a). FBI "hack" raises global security concerns, [www]. CNET news.com. Available: http://news.cnet.com/news/0-1003-202-5785729.html.

Lemos, R. (2001b). U.S. inidicts two Russians for alleged hack, [www]. CNET News.com. Available: http://news.cnet.com/news/0-1007-202-5699762.html.

Leyden, J. (2000). Microsoft hacked in Balkans. U.S. Companies' overseas web sites are dropping like flies, [www]. SecurityFocus.com. Available: http://www.securityfocus.com/news/125.

Lichtenstein, S., & Swatman, P. M. C. (2000). Issues in E-Business Security Management and Policy. Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Lunn, D. A. (2001, 20 Febgruary 2001). Computer Forensics - An Overview. SANS Institute. Available: http://www.sans.org/infosecFAQ/incident/forensics.htm.

Maher, W. (2001a, April 2001). Internet Spying. Australian Personal Computer, 22, 63-68.

Maher, W. (2001b, January 2001). Learning from the Microsoft Crack. Australian Personal Computer, 22, 114-115.

Mansfield, G., Ohta, K., Takei, Y., Kato, N., & Nemoto, Y. (1999, 7-9 September 1999). Towards trapping wily intruders in the large. Paper presented at the Recent Advances in Intrusion Detection - RAID'99, Purdue, IN, USA. Available: http://www.raid-symposium.org/raid99/PAPERS/Mansfield.pdf.

Masters, D. (2000). Cyber Crime and Punishment. e-Access, 46-52.

McClure, S., & Scambray, J. (1999, 31 May 1999). Cyberforensics stands ready to help you track and prosecute criminal corporate hackers. InfoWorld, 21, 46.

McMillan, R. (2000). Lessons Learned from Loving Melissa, [WWW]. Australian Computer Emergency Response Team (AUSCERT). Available: http://www.auscert.org.au/Information/Auscert_info/Papers/loving-melissa.html.

McMillan, R. (2001). Site Security Policy Development, [WWW]. Australian Computer Emergency Response Team (AUSCERT). Available: http://www.auscert.org.au/Information/Auscert_info/Papers/Site_Security_Policy_Development.txt.

McKemmish, R. (1999). What is Forensic Computing. Trends and Issues in Crime and Criminal Justice(118). Available: http://www.aic.gov.au/publications/tandi/ti118.pdf.

McWilliams, B. (2001, 5 November 2001). Anti-U.S. Hackers May Step Up Attacks - FBI. Newsbytes. Available: http://www.infowar.com/hacker/01/hack_110501a_j.shtml.

Microsoft Responds to Security Issue. (Press release)(2000). Redmond: Microsoft. Available: http://www.microsoft.com/presspass/features/2000/oct00/10-27security.asp.

Microsoft UK website Hacked - VIGILANTe Statement. (2001). [www]. Available: http://www.itsecurity.com/tecsnews/may2001/may55.htm.

Middleton, G. L., & A, A. J. (2001?). Jurisdiction and the internet (pp. 245-255).

Mitnick, K. (2000). Microsoft hack wasn't espionage, [www]. SecurityFocus.com. Available: http://www.securityfocus.com/news/112.

Nicander, L. (2001). Information Operations - A Swedish View. Journal of Information Warfare, 1(1), 16-24.

Ogilvie, E. (2000). Cyberstalking. Trends and Issues in Crime and Criminal Justice(166).

Paller, A., & Northcutt, S. (2000). Expert Predictions for Security Trends in 2001. SANS Security Alert(December 2000), 3-5.

Patel, A., & Ciardhuáin, S. Ó. (2000, November 2000). The Impact of Forensic Computing on Telecommunications. IEEE Communications Magazine, 64-67.

Poulsen, K. (2000). When Microsoft Kicked a hacker off its network, the FBI may have lost its chance for a bust, [www]. SecurityFocus.com. Available: http://www.securityfocus.com/news/109.

Radcliff, D. (1998, 14 December 1998). Crime in the 21st century: The new field of computer forensics is keeping security experts on the trail of cybercriminals. InfoWorld, 20, 65.

Reno, J. (1996). Law Enforcement in Cyberspace Address. In D. E. Denning & P. J. Denning (Eds.), Internet Besieged: Countering Cyberspace Scofflaws (pp. 439-447): ACM Press.

Reno Key Escrow Announcement. (1994). [www]. Available: http://www.cpsr.org/program/clipper/reno-key-escrow-announcement.html.

Rogers, A. (2000, 28 February 2000). Taking a Bite Out of Cybercrime - E&Y deploys law enforcement lab to nail internal perpetrators. Computer Reseller News, 3.

Rohde, L. (2000). Bulletin: Microsoft stung by hack attack, [www]. ComputerWorld. Available: http://www.computerworld.com/cwi/story/0,1199,NAV47_STO52929,00.html.

Schneier, B., & Kelsey, J. (1999). Secure Audit Logs to Support Computer Forensics. ACM Transactions on Information and System Security, 2(2), 159-176.

Shimomura, T. (1995). Takedown: the Mitnick Case, [www]. Available: http://www.takedown.com/.

Sibert, O. W. (1996). Malicious Data and Computer Security, [www]. Available: http://csrc.nist.gov/nissc/1996/papers/NISSC96/paper048/MALDATA.PDF.

Sliwa, C. (2000). Users show some sympathy to Microsoft over security breach, [www]. ComputerWorld. Available: http://www.computerworld.com/cwi/story/0,1199,NAV47_STO53471,00.html.

Smith, D. (1997). Improving Computer Security through Network Design, [WWW]. Australian Computer Emergency Response Team (AUSCERT). Available: http://www.auscert.org.au/Information/Auscert_info/Papers/Security_Domains.html.

Smith, D., & Indulska, J. (2001). Enhancing Security of Unix Systems. Australian Computer Emergency Response Team (AUSCERT). Available: http://www.auscert.org.au/Information/Auscert_info/Papers/Enhancing_Security_of_Unix_Systems.html.

Sommer, P. (1995). Forensic Computing - CSRC Research Project, [WWW]. CSRC, LSE, UK. Available: http://csrc.lse.ac.uk/People/sommerp/forensic.htm.

Sommer, P. (1997). Forensic Computing: An Introduction, [WWW]. Available: http://www.virtualcity.co.uk/vcaforens.htm.

Sommer, P. (1998a). Digital Footprints: Assesing Computer Evidence. Criminal Law Review Special Edition, 61-78.

Sommer, P. (1998b, 14-16 September 1998). Intrusion Detection Systems as Evidence. Paper presented at the Recent Advances in Intrusion Detection - RAID'98, Louvain-la-Neuve, Belgium. Available: http://www.raid-symposium.org/raid98/Prog_RAID98/Full_Papers/gassata_paper.pdf.

Spafford, E. H. (1992). Are Computer Hacker Break-ins Ethical? Journal of Systems and Software, 17(1). Available: http://www.cerias.purdue.edu/homes/spaf/tech-reps/994.ps.

Spafford, E. H., & Weeber, S. A. (1992, 12 -16 October 1992). Software Forensics: Can We Track Code to its Authors? Paper presented at the 15th National Computer Security Conference. Available: http://www.cerias.purdue.edu/homes/spaf/tech-reps/9210.ps.

Spitzner, L., & Roesch, M. (2001a, 10 October 2001). The Value of Honeypots, Part One: Definitions and Values of Honeypots, [www]. SecurityFocus. Available: http://www.securityfocus.com/cgi-bin/infocus.pl?id=1492.

Spitzner, L., & Roesch, M. (2001b, 23 October 2001). The Value of Honeypots, Part Two, [www]. SecurityFocus. Available: http://www.securityfocus.com/cgi-bin/infocus.pl?id=1498.

Stagg, V., & Warren, M. (2000). Computer Hacker Information Still Available on the Internet! Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Stephenson, P. (2000, 2-4 October 2000). The Application of Intrusion Detection Systems in a Forensic Environment. Paper presented at the Recent Advances in Intrusion Detection - RAID 2000, Toulouse, France.

Stoll, C. (1988). Stalking the Wily Hacker. Communications of the ACM, 31(5), 484-497.

Stoll, C. (1989). The Cuckoo's Egg: Doubleday.

The National Office for the Information Technology. (2000). The Current State of Play, November 2000: Commonwealth of Australia.

Thompson, K. (1984). Reflection on Trusting Trust. Communications of the ACM, 27(8), 761-763.

Ting, C., Ong Tiang Hwee, O. T. H., Tai, T. Y., & Yong, N. P. (1999, 7-9 September 1999). Intrusion Detection, Internet Law Enforcement and Insurance Coverage to Accelerate the Proliferation of Internet Business. Paper presented at the Recent Advances in Intrusion Detection - RAID'99, Purdue, IN, USA. Available: http://www.raid-symposium.org/raid99/PAPERS/Ting.pdf.

Troeth, L., & Treloar, A. (2000). Certifiabbly Mad or a Dead Cert? Why and How a Large Australian University is Implementing Digital Certificates and a PKI. Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Valli, C. (2001). NIDH - Network Intrusion Detection Hierarchy: A model for gathering attack intelligence. Journal of Information Warfare, 1(1), 42-49.

Venema, W. (2000a). File Recovery Techniques. Files Wanted, Dead or Alive. Dr Dobb's Journal, 29(12). Available: http://www.ddj.com/articles/2000/0012/0012h/0012h.htm.

Venema, W. (2000b). Forensic Computing, [Personal e-mail].

Venema, W. (2000c). Murphy's law and computer security, [www]. Available: http://www.fish.com/security/murphy.html.

Venema, W. (2000d). Strangers in the Night. Finding the Purpose of an Unknown Program. Dr Dobb's Journal, 29(11). Available: http://www.ddj.com/articles/2000/0011/0011g/0011g.htm.

Venema, W., & Farmer, D. (1995). SATAN (Security Administrator Tool for Analyzing Networks), [www]. Available: http://www.porcupine.org/satan/.

Venema, W., & Farmer, D. (1996). Security Auditing & Risk Analysis, [www]. Available: http://www.porcupine.org/auditing/.

Venema, W., & Farmer, D. (2001). Being prepared for intrusion. Dr Dobb's Journal, 30(4).

Verreck, P. (2000a). Case Study - Vindictive e-mail, [www]. International Journal of Forensic Computing. Available: http://www.forensic-computing.com/archives/vind.html.

Verreck, P. (2000b). Presenting the Evidence, [www]. International Journal of Forensic Computing. Available: http://www.forensic-computing.com/archives/present.html.

Verton, D. (2000). Think tank warns that Microsoft hack could pose national security risk, [www]. ComputerWorld. Available: http://www.computerworld.com/cwi/story/0,1199,NAV47_STO55656,00.html.

Wang, W. (2000, May 2000). Computer Forensics. Boardwatch Magazine, 14, 192.

Warren, M., & Hutchinson, W. (2000). On-line Attacks against Small and Medium sized Enterprises. Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Warren, M., & Hutchinson, W. (2001, 11 July 2001). Information Warfare and Hacking. Paper presented at the 5th Australian Security Research Symposium, Perth, WA, Australia.

Weiss, T. R., & Rosencrance, L. (2000). Update: Microsoft stung by hack attack, [www]. ComputerWorld. Available: http://www.computerworld.com/cwi/story/0,1199,NAV47_STO52949,00.html.

Wheatley, I. (2000). The Attitude of Referring Doctors to Hospital Electronic Medical Records. Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Whitaker, J., & Hewett, W. G. B. (2000). Data Protection and Privacy: The Emerging Australian Legislation and Its Implications for IT Professionals. Paper presented at the 1st Australian Information Security Management Workshop, University of Deakin, Australia.

Willison, R. (2001a). The Unaddressed Problem of Criminal Motivation in IS Security: Expanding the Preventive Scope Through the Concept of Readying. Available: http://is.lse.ac.uk/wp/pdf/WP101.PDF.

Willison, R. (2001b). Understanding and Addressing Criminal Opportunity : The Application of Situational Crime Prevention to IS Security. Journal of Financial Crime, 7(3). Available: http://is.lse.ac.uk/wp/pdf/WP100.PDF.

Witter, F. (2001, 20 April 2001). Legal Aspects of Collecting and Preserving Computer Forensic Evidence, [www]. SANS Institute. Available: http://www.sans.org/infosecFAQ/incident/evidence.htm.

Yuill, J., Wu, S. F., Gong, F., & Huang, M.-Y. (1999, 7-9 September 1999). Intrusion Detection for an On-Going Attack. Paper presented at the Recent Advances in Intrusion Detection - RAID'99, Purdue, IN, USA. Available: http://www.raid-symposium.org/raid99/PAPERS/Yuill.pdf.

Zimmerman, P. (1996). Testimony of Philip R. Zimmerman to the Subcommittee on Science, Technology, and Space of the US Senate Committee on Commerce, Science, and Transportation., [www]. Available: http://web.mit.edu/prz/testimony.shtml.

Zimmerman, P. (2001). A note to PGP users, [www]. Available: http://web.mit.edu/prz/text/PRZ_leaves_NAI.txt.

Other People's Collections

Richard Clayton's (University of Cambridge, Computer Laboratory) on Brute force Cracking

George Danezis's  (University of Cambridge, Computer Laboratory) on Anonymity and Pseudoanonymity

SANS Reading Room