- Feb 8, 2002
Publications and Sites
The following is a list of articles, books, and Web pages related to the subject of computer viruses. Some are only included or alluded to because they were in the previous edition. Some outdated links and unobtainable references have been removed, and several have been added. (We don't guarantee that those listed are still available; in fact, you might have trouble getting hold of any but the most recent.) Inclusion of a resource in this section doesn't necessarily constitute recommendation (as the comments make clear). However, it's important to know and recognize the more prominent but poor resources, as well as the good ones.
Bigelow's Virus Troubleshooting Pocket Reference. Ken Dunham. McGraw-Hill. 2000. ISBN: 0-072-12627-2. Well-meaning but not very accurate, and sometimes misleading.
Robert Slade's Guide to Computer Viruses: How to Avoid Them, How to Get Rid of Them, and How to Get Help (Second Edition). Springer. 1996. ISBN: 0-387-94663-2. Four years is a long time in computing, but time has been kinder to Slade's book than most books on the subject. This was, until recently, easily the best introductory text on the subject.
Virus: Detection and Elimination. Rune Skardhamar. AP Professional. 1996. ISBN: 0-12-647690-X. Seriously inaccurate in places and contains (not very good) virus code. The poor man's Mark Ludwig...
The Giant Black Book of Computer Viruses. Mark A. Ludwig. American Eagle. 1995. ISBN 0-92940807-1. Ludwig is, or was, a virus writer. His books have far more to do with writing viruses than with protecting against them. Seriously outdated, too.
CIAC/US Department of Energy. This Web site has a database of virus information that was recommended in an earlier edition of this book (http://ciac.llnl.gov/ciac/CIACVirusDatabase.html). The database is no longer being updated, but is worth checking for information on older viruses. CIAC/DOE have done sterling work in recent years on publicizing the problems associated with virus hoaxes and other chain letters. The relevant pages continue to be maintained and expanded. http://HoaxBusters.ciac.org/
Computers Under Attack: Intruders, Worms and Viruses. Ed. Peter J. Denning. ACM Press 1990. ISBN 0-201-53067-8. Despite its age, this book is worth looking for. It contains some seminal papers.
Computer Viruses and Anti-Virus Warfare, Second Edition. Jan Hruska, Ellis Horwood. 1992. ISBN 0-13-036377-4. This book predates macro viruses, VBS and JS worms, Trojans, and so on, but is worth reading on earlier technologies, especially anti-virus tools.
Computer Virus Prevalence Survey. ICSA (formerly the National Computer Association) publishes a yearly survey of virus prevalence, has certification schemes for anti-virus and other security software, papers, discussion groups, and so on. http://www.icsa.net/
The Computer Virus Crisis (Second Edition). Fites, Johnson, and Kratz. Van Nostrand Reinhold Computer Publishing. 1992. ISBN: 0-442-00649-7. Not altogether accurate even at the time of publishing, and now seriously outdated.
PC Security and Virus Protection: The Ongoing War Against Information Sabotage. Pamela Kane. M&T Books. 1994. ISBN: 1-55851-390-6. In some aspects, outdated (and totally MS-DOS oriented) but includes some very useful material.
A Short Course on Computer Viruses (Second Edition). Frederick B. Cohen. Series title: Wiley Professional Computing. John Wiley & Sons. 1994. ISBN: 1-471-00769-2. Solid material from the man whose early research contributed massively to defining the virus/anti-virus field.
A Pathology of Computer Viruses. David Ferbrache. Springer-Verlag. 1992. ISBN: 0-387-19610-2; 3-540-19610-2. Obviously, this book predates recent developments and current preoccupations, but is still a good basis for serious research.
The Virus Creation Labs: A Journey into the Underground. George Smith. American Eagle Publications. ISBN 0-929408-09-8. Smith's writings have long served as a very effective antidote to some of the self-righteous pomposity found in some corners of the security establishment. His book is an interesting, journalistic, alternative view across the virus/anti-virus divide.
European Institute for Computer Anti-Virus Research. Despite its name, EICAR is not exclusively focused on viruses, and its members include representatives of academia and business. Not all of them are European, either. http://www.eicar.org/
Future Trends in Virus Writing. Vesselin Bontchev. Virus Test Center. University of Hamburg. Crystal-ball gazing is a mug's game, and even the redoubtable Dr. Bontchev didn't get every predictive detail right. However, as a thumbnail guide to virus issues from a major authority in the field, this merits close attention. http://www.virusbtn.com/OtherPapers/Trends/
SherpaSoft Web page. FAQs including the VIRUS-L FAQ, the alt.comp.virus FAQ, the Viruses and the Macintosh FAQ, an email abuse FAQ, other papers, resources, and links. http://www.sherpasoft.org.uk
Network Associates. Requests for the Dr. Solomon's Virus Encyclopaedia cited in the previous edition are redirected to the NAI equivalent at http://vil.nai.com/vil/default.asp.
Survivor's Guide to Computer Viruses. Ed. Victoria Lammer. Virus Bulletin Ltd. 1993. ISBN 0-9522114-0-8. This book was intended as a supplement to the magazine, and includes some reprinted material. Contains some solid material on older viruses that are still in circulation.
A Guide to the Selection of Anti-Virus Tools and Techniques. W. T. Polk and L. E. Bassham. National Institute of Standards and Technology Computer Security Division. Friday, Mar 11; 21:26:41 EST 1994. Not a very useful guide to current anti-virus software evaluation, but a fair summary of the basic technology. http://csrc.ncsl.nist.gov/nistpubs/
Mac Virus. Susan Lesch's anti-virus resource for Macintosh users, now maintained by David Harley and containing his Viruses and the Macintosh FAQ, plus the definitive paper Macs and Macros: the State of the Macintosh Nation. http://www.macvirus.com/, http://www.macvirus.org.uk
Managing Malware: Mapping Technology to Function. David Harley. Conference Proceedings, EICAR 1999. A comprehensive primer on malware management in corporate environments. http://www.sherpasoft.org.uk/papers/eicar99.PDF
Virus Proof: The Ultimate Guide to Protecting Your PC. Phil Schmauder. Prima Tech. 2000. ISBN 0-7615-2747-8. Lazily written, incompetent, misleading, and virtually useless. Avoid.
Virus Bulletin. The only monthly magazine I know of entirely devoted to virus management. http://www.virusbtn.com/
Viruses Revealed: Understanding and Countering Malicious Software. David Harley, Robert Slade, and Urs Gattiker. Osborne. ISBN-0-17-213090-3. (For publication, 3rd quarter 2001.) It's hardly appropriate for me to advertise my own book here. However, this one is almost unique among recent books on the subject, in that it's actually written by acknowledged experts in the field. Covers a wide range of issues (technology, history, corporate protection, social issues, ethics). Check the Web site at http://www.viruses-revealed.org.uk.
The Enterprise Anti-Virus Book. Robert Vibert. Segura Solutions Inc. ISBN-0-9687464-0-3. This is the other recent book on the subject written by an expert in the field. The author is a seasoned professional with years of experience in the design and implementation of enterprise anti-virus solutions, and his book focuses on these aspects. Not the book with all the answers, but something arguably more important: the book with just about all the questions. http://www.segurasolutions.com/book.htm.
Vmyths.com (formerly the Computer Virus Myths page at www.kumite.com). Robert Rosenberger's essential resource for hoax hunters and other professional skeptics; highly recommended. http://www.vmyths.com/
WildList Organization International. The authoritative source of information on which viruses are known to be in the wild. An essential resource for anti-virus software certification authorities, researchers, and so on. http://www.wildlist.org/
Most anti-virus vendors have virus information databases and other resources, as well as information specific to their products. The following sites are generally dependable (but none are infallible). Precise URLs aren't given, as such pages move about a lot.