Greg Hoglund and Gary McGraw.
Exploiting Software : How to Break Code.
Addison-Wesley, ISBN 0-201-78695-8,
Sample Chpater:
Reverse Engineering and Program Understanding
Matt Bishop.
Introduction to Computer Security.
Addison-Wesley, ISBN 0-321-24744-2,
http://nob.cs.ucdavis.edu/book-intro .
Bruce Schneier.
Secrets and Lies : Digital Security in a Networked World.
Cyrus Peikari and Anton Chuvakin.
Security Warrior.
O'Reilly, ISBN 0-596-00545-8,
Sample Chapter:
Windows Reverse Engineering .
P. Neumann
Computer Related Risks.
Addison-Wesley, Reading, MA, 1995.
S. Levy
Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital Age.
Penguin Books, 2001,
ISBN 0140244328.
C. Stoll
The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
.
Pocket Books, 2000,
ISBN 0743411463.
R. Clarke and R. Knake
Cyber War: The Next Threat to National Security and What to Do About It .
Ecco, 2010,
ISBN 0061962236.
K. Poulsen
Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground
.
Crown, 2011,
ISBN 0307588688.
M. Russinovich
Zero Day: A Novel
.
Thomas Dunne Books, 2011,
ISBN 031261246X.
M. Russinovich
Tojan Horse: A Novel
.
Thomas Dunne Books, 2012,
ISBN 1250010489.
J. Menn
Fatal System Error: The Hunt for the New Crime Lords Who are Bringing Down the Internet
.
PublicAffairs, 2010,
ISBN 1586487485.
K. Hafner and J. Markoff
Cyberpunk: Outlaws and Hackers on the Computer Frontier.
Simon and Schuster, New York, NY, 1991.
D. Moynihan
Secrecy: The American Experience.
Yale University Press, 1988.
Google books limited preview
C. Stoll
Stalking the Wily Hacker
Communications of the ACM 31(5), pp. 484-497, May 1988.
R. Hollinger
Hackers: Computers Heroes or Electronic Highwaymen?
ACM SIGCAS Computers and Society, 21(1), pp. 6-17, June 1991.
Ken Thompson
Reflections on Trusting Trust
Turing Award Lecture, Communication of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763.
E. Spafford
The internet worm program: an analysis
ACM SIGCOMM Computer Communication Review ,
19(1), pp. 17-57, January 1989.
This link has some followup information including the final sentence
for Morris: http://sunland.gsfc.nasa.gov/info/guide/The_Internet_Worm.html
E. Spafford
Crisis and Aftermath
Communications of the ACM, 32(6), pp. 678-687, June 1989.
J. Rochlis and M. Eichin
With microscope and tweezers: the worm from MIT's perspective
Communications of the ACM, 32(6), pp. 689-698, June 1989.
S. Gordon
Generic Virus Writer
4th International Virus Bulletin Conference, 1994.
S. Gordon
Generic Virus Writer II
6th International Virus Bulletin Conference, 1996.
S. Gordon
Inside the Mind of Dark Avenger
Virus News International, 1993.
B. Schneier and J. Kelsey
Secure audit logs to support computer forensics
ACM Transactions on Information and System Security (TISSEC),
2(2), pp. 159-176, May 1999.
G. Kim E. Spafford
The design and implementation of tripwire: a file system integrity checker
Proceedings of the 2nd ACM Conference on Computer and communications security
pp. 18-29, 1994.
Dorothy E. Denning and Peter J. Denning
Data Security
Computing Surveys, Vol. 11, No. 3, September 1979, pp. 227-249.
Jerome H. Saltzer and Michael D. Schroeder
The Protection of Information In Computer Systems
Proceedings of the IEEE 63, 9 (September, 1975) pages 1278-1308.
J. G. Steiner, C. Neuman, J. I. Schiller
Kerberos: An Authentication Service for Open Network Systems
USENIX '88, Dallas, TX, February 1988, pp. 191-202.
Kerberos in Four Acts
Frederick T. Gramp, Robert H. Morris
UNIX Operating System Security
AT&T Bell Laboratories Technical Journal, 63 8, October 1984, pp. 1649-1672.
Gerald J. Popek, Charles S. Kline
Encryption and Secure Computer Networks
Computing Surveys, 11 4, December 1979, pp. 331-356.
Ross Anderson, Markus Kuhn
Tamper Resistance - a Cautionary Note
2nd USENIX Workshop on Electronic Commerce, Oakland, California, November 1996, pp. 1-11.
S. King, P. Chen
Backtracing Intrusions
Proceedings of the 19th ACM symposium on Operating Systems Principles,
pp. 223-236, 2003.
M. Vrable, J. Ma, J. Chen, D. Moore, E. Vandekieft, A. Snoeren, G. Voelker, S. Savage
Scalability, Fidelity and Containment in the Potemkin Virtual Honeyfarm
Proceedings of the 20th ACM symposium on Operating Systems Principles,
pp. 148-162, 2005.
P. Singh and A. Lakhotia
Analysis and detection of computer viruses and worms: an annotated bibliography
ACM SIGPLAN Notices, 37(2), pp. 29-25, February 2002.
S. White
Open Problems in Computer Virus Research
Virus Bulletin Conference, Munich, Germany, October 1998.
National Institue of Standards and Technology
Common Criteria for Information
Technology Security
Version 2.0.ISO IS 15408, May 1988.
R. Anderson
Why Cryptosystems Fail
Communications of the ACM, vol. 37, no. 11, November 1994, pp. 32-40.
B. Simons and E. Spafford
Risks of total surveillance
Communications of the ACM,
46(3), p. 120, March 2003.
D. Chaum
Security without identification
Communications of the ACM,
28(10), pp. 1030-1044, October 1985.
E. Spafford
Digital Government Security Infrastructure Design Challenges
IEEE Computer ,
34(2), pp. 66-72, February 2001.
E. Spafford
One View of A Critical National Need: Support for Information Security Education and Research
1997 Congressional Hearings
Intelligence and Security.
P. Vora et al.
Inside Risks: Evaluation of voting systems
Communications of the ACM,
47(11), pp. 144, November 2004.
R. Anderson
Inside Risks: Free Speech Online and Offline
Communications of the ACM,
45(6), pp. 144, June 2002.