IEEE Cipher

 Book Announcements and Reviews


Issue E178.  03/18/24

Jos Weyers, Matt Burrough, Walter Belgers, BandEAtoZ, and Nigel K. Tolley, Locksport: A Hacker's Guide to Lockpicking, Impressioning, and Safe CrackingReview by Sven Dietrich

Issue E175.  09/24/23

Daniel Dougherty, Jose Meseguer, Sebastian Alexander Moedersheim, and Paul Rowe (Eds.), Protocols, Strands, and LogicReview by Sven Dietrich

Issue E174.  07/25/23

Adam Shostack, Threats: What Every Engineer Should Learn From Star WarsReview by Sven Dietrich

Issue E172.  03/20/2023

Eugene H. Spafford, Leigh Metcalf, and Josiah Dykstra, 
Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us , Review by Sven Dietrich


Issue E171.  01/30/23

Reza Montasari, 
Artificial Intelligence and National Security,  Review by Sven Dietrich

Issue E169.  09/26/22

Laurent Chuat, David Basin, Samuel Hitz, Adrian Perrig, Markus Legner, David Hausheer, Peter Müller, 
The Complete Guide to SCION: From Design Principles to Formal VerificationReview by Sven Dietrich

  Issue E167.  6/10/22

Andrew J. Stewart, 
A Vulnerable System: The History of Information Security in the Computer AgeReview by Sven Dietrich

Issue E166.  3/19/22

Jean-Philippe Aumasson, Crypto Dictionary: 500 Tasty Tidbits for the Curious Cryptographer,  Review by Sven Dietrich

Issue E165.  1/24/22

Paul C. van Oorschot, Computer Security and the Internet: Tool and Jewels from Malware to Bitcoin, (second edition)  Review by Sven Dietrich

Issue E164.  12/04/21

Carlisle Adams, Introduction to Privacy Enhancing Technologies: A Classification-Based Approach to Understanding PETsReview by Sven Dietrich

Issue E162.  07/21/21

Arno Mittelbach and Marc Fischlin, The Theory of Hash Functions and Random Oracles: An Approach to Modern CryptographyReview by Sven Dietrich

Issue E161.  05/31/21

Ross Anderson, Security Engineering: A Guide to Building Dependable Distributed SystemsReview by Sven Dietrich

Issue E160.  03/22/21

Joan Daemen and Vincent Rijmen, The Design of Rijndael: The Advanced Encryption Standard (AES)Review by Sven Dietrich

Issue E157.  09/21/20

Chris Eagle and Kara Nance, The Ghidra Book - The Definitive GuideReview by Sven Dietrich

Issue E155.  05/29/20

Paul C. van Oorschot, Computer Security and the Internet: Tool and JewelsReview by Sven Dietrich

Issue E153.  01/21/20

Matt Bishop, Computer Security: Art and Science, 2nd editionReview by Sven Dietrich

Issue E52.  11/25/2019

Colin Boyd, Anish Mathuria, and Douglas Stebila, Protocols for Authentication and Key EstablishmentReview by Sven Dietrich

Issue E149.  05/31/19

Alex Matrosov, Eugene Rodionov, and Sergey Bratus, Rootkits and Bootkits - Reversing Modern Malware and Next Generation ThreatsReview by Sven Dietrich

Issue E147.  01/23/19

Dennis Andriesse, Practical Binary analysis : build your own Linux tools for binary instrumentation, analysis, and disassemblyReview by Sven Dietrich

Issue E146.  11/20/18

William J. Buchanan OBE, CryptographyReview by Sven Dietrich

Issue E144.  06/ 4/18

Adrian Perrig, Pawel Szalachowski, Raphael M. Reischuk, and Laurent Chuat, SCION: A Secure Internet ArchitectureReview by Sven Dietrich

Issue E142.  01/30/18

James Forshaw, Attacking Network ProtocolsReview by Sven Dietrich

Issue E140.  09/18/17

Sean Smith, The Internet of Risky Things - Trusting the devices That Surround UsReview by Sven Dietrich


Issue E138.  06/01/17

Andrew "bunnie" Huang, The Hardware Hacker - Adventures in making & breaking hardwareReview by Sven Dietrich


Issue E134.  09/19/16

Douglas W. Hubbard and Richard Seiersen, How to Measure Anything in Cybersecurity Risk,   Review by Richard Austin

Issue E133.  07/23/16

Christopher Hadnagy and Michele Fincher, Phishing Dark Waters: The Offensive and Defensive Use of Malicious E-mailsReview by Richard Austin

Issue E132.  05/31/16

Brandon Valeriano and Ryan C. Harris, Cyber War versus Cyber Realities: Cyber Conflict in the International SystemReview by Richard Austin

Issue E131.  03/22/16

Craig Smith, The Car Hacker's Handbook: A Guide for the Penetration TesterReview by Richard Austin

Issue E130.  01/25/16

Steven Bellovin, Thinking Security: Stopping Next Year's HackersReview by Richard Austin

Issue E129.  11/23/15

George Loukas, Cyber-Physical Attacks: A Growing Invisible Threat Review by Richard Austin

Issue E128.  09/22/15

Nitesh Dhanjani, Abusing the Internet of Things: Blackouts, Freakouts, and StakeoutsReview by Richard Austin

Issue E127.  07/27/15

Marc Rotenberg, Julia Horwitz and Jeramie Scott, Privacy in the Modern Age: The Search for SolutionsReview by Richard Austin

Issue E126.  05/30/15

Benjamin Wittes and Gabriella Blum, The Future of Violence: Robots and Germs, Hackers and Drones. Confronting a new age of threatReview by Richard Austin

Issue E125.  03/17/15

Bruce Schneier, Data and Goliath: The hidden battles to capture your data and control your worldReview by Richard Austin

Issue E124.  01/20/15

Justin Seitz, Black Hat Python: Python Programming for Hackers and PentestersReview by Richard Austin

Issue E123.  11/23/14

Michael Ligh, Andrew Case, Jamie Levy and Aaron Walters, The Art of Memory Forensics: Detecting malware and threats in Windows, Linux, and Mac MemoryReview by Richard Austin

Issue E122.  09/25/14

Georgia Weidman, Penetration Testing: A Hands-On Introduction to HackingReview by Richard Austin

Issue E121.  07/22/14

Adam Shostack, Threat Modeling: Designing for SecurityReview by Richard Austin

Issue E120.  05/27/14

Jay Jacobs and Bob Rudis, Data-Driven Security: Analysis, Visualization and DashboardsReview by Richard Austin

Issue E119.  03/17/14

Michael Collins, Network Security Through Data Analysis: Building Situational AwarenessReview by Richard Austin

Issue E118.  01/24/14

Bill Blunden, The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System (2ed)Review by Richard Austin

Issue E117.  11/19/13

Thomas Rid, Cyber War Will Not Take Place Review by Richard Austin

Issue E116.  09/22/13

Richard Bejtlich, The Practice of Network Security Monitoring: Understanding Incident Detection and ResponseReview by Richard Austin

Issue E115.  07/17/13

Cameron Malin, Eoghan Casey and James Aquilina, Linux Malware incident Response: A Practitioner's Guide to Forensic Collection and Examination of Volatile DataReview by Richard Austin

Issue E114.  05/28/13

Dawn Cappelli, Andrew Moore and Randall Trzeciak, The CERT Guide to Insider ThreatsReview by Richard Austin

Issue E113.  03/18/13

S. Bodmer, M. Kilger, G. Carpenter and J. Jones, Reverse Deception: Organized Cyber Threat Counter-ExploitationReview by Richard Austin

Issue E112.  01/21/13

K. H. Pherson and R. H. Pherson, Critical Thinking for Strategic IntelligenceReview by Richard Austin

Shon Harris, All In One CISSP Exam GuideReview by Richard Austin

Issue E111.  11/19/12

Lee Allen, Advanced Penetration Testing for Highly Secured Environments: The Ultimate Security Guide Review by Richard Austin

Issue E110.  09/19/12

Davi Ottenheimer and Matthew Wallace, Securing the Virtual Environment: How to defend the enterprise against attackReview by Richard Austin

Issue E109.  07/20/12

Tyler Wrightson, Wireless Network Security: A Beginner's GuideReview by Richard Austin

Issue E108.  06/ 10/12

Michael Sikorski and Andrew Honig, Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious SoftwareReview by Richard Austin

Issue E106.  01/25/12

Michael Zalewski, Tangled Web: A Guide to Securing Modern Web ApplicationsReview by Richard Austin

Bruce Schneier, Liars & Outliers: Enabling The Trust That Society Needs To ThriveReview by Richard Austin

Issue E105.  11/22/11

Eric D. Knapp, Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control SystemReview by Richard Austin

Issue E104.  09/27/11

David Kennedy, Jim O'Gorman, Devon Kearns and Mati Aharoni, Metasploit The Penetration Tester's GuideReview by Richard Austin

Issue E103.  07/19/11

Cory Altheide and Harlan Carvey, Digital Forensics with Open Source Tools,  Review by Richard Austin

Issue E102.  06/03/11

Christopher Hadnagy, Social Engineering: The Art of Human HackingReview by Richard Austin

Issue E101.  03/15/11

Harlan Carvey, Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows RegistryReview by Richard Austin

Susan Landau, Surveillance or Security? The Risks Posed by New Wiretapping TechnologiesReview by Hilarie Orman

Issue E100.  01/19/11

Justin Clarke, SQL Injection Attacks and DefenseReview by Richard Austin

Susan Landau, Surveillance or Security?: The Risks Posed by New Wiretapping Technologiesbriefly noted

Issue E99.  11/16/10

Michael Hale Ligh, Steven Adair, Blake Hartstein and Matthew Richard, Malware Analysts' Cookbook and DVD: Tools and Techniques for Fighting Malicious CodeReview by Richard Austin

Issue E98.  09/27/10

David Ropeik, How Risky Is It, Really?: Why Our Fears Don't Always Match the FactsReview by Richard Austin

Issue E97.  07/25/10

Douglas Hubbard, The Failure of Risk Management: Why Its Broken and How to Fix ItReview by Richard Austin

Issue E96.  05/31/10

Reverend Bill Blunden, The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the SystemReview by Richard Austin

Issue E95.  03/21/10

David Lacey, Managing the Human Factor in Information Security: How to win over staff and influence business managersReview by Richard Austin

Issue E94.  01/19/10

Michael Howard, David Leblanc and John Viega, 24 Deadly Sins of Software Security: Programming Flaws and How to Fix ThemReview by Richard Austin

Issue E93.  11/17/09

Tim Mather, Subra Kumaraswamy and Shahed Latif, Cloud Security and Privacy: An Enterprise Perspective on Risks and ComplianceReview by Richard Austin

Issue E92.  09/15/09

Andy Oram and Jon Viega, Eds., Beautiful Security: Leading Security Experts Explain How They ThinkReview by Richard Austin

Issue E91.  07/20/09

H. Carvey, Windows Forensic Analysis DVD Toolkit (2ed)Review by Richard Austin

Issue E90.  05/30/09

A. Whitaker, K. Evans and J. Voth, Chained Exploits: Advanced Hacking Attacks from Start to FinishReview by Richard Austin

Issue E89.  03/16/09

Greg Conti, How Much Does Google Know About You?Review by Richard Austin

Issue E88.  01/19/09

Raffael Marty, Applied Security VisualizationReview by Richard Austin

Issue E87.  11/17/08

Ari Takanen, Jared D. Demott and Charles Miller, Fuzzing for Security Testing and Quality AssuranceReview by Richard Austin

Issue E86.  09/17/08

Ross Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems (2ed)Review by Richard Austin

Issue E85.  07/19/08

M. Jakobsson and Z. Ramzan, Crimeware: Understanding New Attacks and DefensesReview by Richard Austin

Issue E84.  05/24/08

Donald E. Knuth, The Art of Computer Programming, Volume 4, Fascicle 0Review by Hilarie Orman and Richard Schroeppel

A. Shostack, and A. Stewart, The New School of Information Security,  Review by Richard Austin

N. N. Taleb, The Black Swan: The Impact of the Highly ImprobableReview by Richard Austin

Issue E83.  03/17/08

Dobromir Todorov, Mechanics of User Identification and Authentication: Fundamentals of Identity ManagementReview by Richard Austin

Philip Hallam-Baker, The dotCrime Manifesto: How to Stop Internet CrimeReview by Richard Austin

Issue E82.  01/21/08

Niels Provos and Thorsten Holz, Virtual Honeypots: From Botnet Tracking to Intrusion DetectionReview by Richard Austin

Issue E81.  09/17/07

Michael Sutton, Adam Greene, and Pedram Amini, Fuzzing: Brute Force Vulnerability Discovery,  Review by Richard Austin

Issue E80.  09/17/07

Mark S. Kadrich, Endpoint SecurityReview by Richard Austin

Issue E79.  07/19/07

Andrew Jacquith, Security Metrics: Replacing Fear, Uncertainty and DoubtReview by Richard Austin

Issue E78.  05/28/07

D. Herrmann, Complete Guide to Security and Privacy Metrics: Measuring Regulatory Compliance, Operational Resilience, and ROIReview by Richard Austin

Issue E77.  03/19/07

Mark Dowd, John McDonald and Justin Schuh, The Art of Software Security Assessment: Identifying and Preventing Software VulnerabilitiesReview by Richard Austin

Issue E76.  01/18/07

Phillip Q. Maier, Audit and Trace Log Management: Consolidation and AnalysisReview by Richard Austin

Issue E75.  11/20/06

Richard Bejtlich, Extrusion Detection: Security Monitoring for Internal IntrusionsReview by Richard Austin

Issue E74.  09/18/06

DerEngel, Hacking the Cable ModemReview by Bob Bruen

Himanshu Dwivedi, Securing Storage: A Practical Guide to SAN and NAS SecurityReview by Richard Austin

Issue E73.  07/17/06

Bennett, Colin and Charles Raab, The Governance of Privacy. Policy Instruments in a Global PerspectiveReview by Robert Bruen

Issue E72.  05/26/06

Andrews, Mike and James A. Whitaker, How to Break Web SoftwareReview by Bob Bruen

Ryan Barnett, Preventing Web Attacks With ApacheReview by Bob Bruen

Issue E71.  03/15/06

Simpson, Michael, Hands-On Ethical Hacking and Network DefenseReview by Robert Bruen

Long, Johnny et al., Penetration Tester's Open Source ToolkitReview by Robert Bruen

Issue E70.  01/16/06

Brian Carrier, File System Forensic AnalysisReview by Robert Bruen

Gary McGraw, Software Security. Building Security InReview by Robert Bruen

Issue E69.  11/15/05

Jones, Keith, Richard Bejtlich and Curtis Rose, Real Digital Forensics. Computer Security and Incident ResponseReview by Bob Bruen

Cranor, Laurie Faith and Simson Garfinkel, Security and Usability. Designing Secure Systems That People Can Use.Review by Bob Bruen

Robert C. Seacord, Secure Coding in C and C++Review by Sven Dietrich

Issue E68  09/18/05

Greg Hoglund and James Butler, Rootkits: Subverting the Windows KernelReview by Bob Bruen

Wotring, Brian and Potter, Bruce, Host Integrity Monitoring Using Osiris and SamhainReview by Bob Bruen

Nitesh Dhanjani and Justin Clarke, Network Security Tools. Writing, Hacking and Modifying Security ToolsReview by Bob Bruen

Issue E67. 07/18/05

Foster, James with Mike Price, Sockets, Shellcode, Porting and CodingReview by Robert Bruen

Roberta Bragg, Windows Server 2003 Security A Technical ReferenceReview by Robert Bruen

Ivan Ristic, Apache SecurityReview by Robert Bruen

Issue E66.  5/17/05

Michal Zalewski, Silence on the Wire. A Field Guide to Passive Reconnaissance and Indirect AttacksReview by Robert Bruen

J. D. Lasica, Darknet: Hollywood's War Against the Digital Generation Review by Robert Bruen

Eldad Eilam, Secrets of Reverse EngineeringReview by Robert Bruen

Issue E65.  3/18/05

Mirkovic, Jelena, and Sven Dietrich, and David Dittrich, and Peter Reiher, Internet Denial of Service. Attack and Defense MechanismsReview by Robert Bruen

Peter Szor, The Art Of Computer Virus Research and DefenseReview by Robert Bruen

Foster, James, and Vitaly Osipov, and Nish Bhalla, and Niels Heinen, Buffer Overflow Attacks. Detect, Exploit, Prevent.Review by Robert Bruen

Issue E64.  1/17/05

Daniel Solove, The Digital Person Technology and Privacy in the Information AgeReview by Robert Bruen

Amanda Andress and Mandy Andress, Surviving SecurityReview by Ross Patel

J. C. Cannon, Privacy: What Developers and IT Professionals Should KnowReview by Robert Bruen

Issue E63.  11/18/04

Wang, Wallace, Steal This File Sharing Book. What They Won't Tell You About File SharingReview by Robert Bruen

Howlett, Tony, Open Source Security Tools. A Practical Guide to Security ApplicationsReview by Robert Bruen

Andres, Steven and Brian Kenyon, Security Sage's Guide to Hardening the Network InfrastructureReview by Robert Bruen

Issue E62.  9/19/04

Kaspersky, Kris, Cracking Uncovered: Protection against Unsanctioned CD CopyingReview by Robert Bruen

Richard Bejtlich, The Tao of Network Security Monitoring. Beyond Intrusion DetectionReview by Robert Bruen

Issue E61.  7/17/04

Andrew Vladimirov, Konstantin Gavrilenko, Andrei Mikhailovsky, WI-FOO. The Secrets of Wireless HackingReview by Bob Bruen

Roberta Bragg, HARDENING Windows SystemsReview by Bob Bruen

The Honeynet Project, Know Your Enemy. 2nd ed. Learning About Security ThreatsReview by Bob Bruen

Issue E60.  5/18/04

Koziol, Jack, David Litchfield, Dave Aitel, Chris Anley, Sinan Eren, Neel Mehta and Riley Hassell, The Shellcoder's Handbook. Discovering and Exploiting Security HolesReview by Robert Bruen

McNab, Chris, Network Security AssessmentReview by Robert Bruen

Gupta, Ajay and Scott Laliberte, Defend IT. Security by ExampleReview by Robert Bruen

Issue E59.  3/15/04

Peikari, Cyrus and Anton Chuvakin, Security WarriorReview by Robert Bruen

Jon Erikson, Hacking. The Art of ExploitationReview by Robert Bruen

Miles, Greg, Russ Rogers, Ed Fuller, Matthew Hoagberg and Ted Dykstra, Security Assessment Case Studies for Implementing the NSA IAMReview by Robert Bruen

Issue E58.  1/15/04

Greg Hoglund and Gary McGraw, Exploiting Software. How to Break CodeReview by Robert Bruen

Mike D. Schiffman, Building Open Source Network Security Tools. Components and TechniquesReview by Robert Bruen

Daniel Barrett, Richard Silverman and Robert Byrnes, Linux Security Cookbook. Security Tools & TechniquesReview by Robert Bruen

Issue E57.  11/15/03

John Viega and Matt Messier, Secure Programming Cookbook for C and C++Review by Robert Bruen

Mark Graff and Kenneth van Wyck, Secure Coding. Principles and Practices,  Review by Robert Bruen

Ed Skoudis with Lenny Zeltser, Fighting Malicious CodeReview by Robert Bruen

Issue E56.  9/15/03

Michael Howard and David C. LeBlanc, Writing Secure CodeReview by Fred Cohen

Wenbo Mao, Modern Cryptography, Theory and PracticeReview by Robert Bruen

Jon Edney and William Arbaugh, Real 802.11 Security. Wi-Fi Protected Access and 802.11iReview by Robert Bruen

Donald Pipkin, Halting the Hacker, A Practical Guide to Computer SecurityReview by Robert Bruen

Issue E55.  8/01/03

Peter Ryan, Steven Schneider, M. H. Goldsmith, G. Lowe and A. W. Roscoe ,Modelling and Analysis of Security ProtocolsReview by Robert Bruen

David Salomon, Data Privacy and SecurityReview by Robert Bruen

Joel McNamara, Secrets of Computer Espionage: Tactics and CountermeasuresReview by Robert Bruen

Issue E54.  6/07/03

D.F.Ferraiolo, D.R.Kuhn, R.Chandramouli, Role-Based Access Control,  Review by Tolga Acar

Eric Cole, Hiding in Plain Sight. Steganography and the Art of Covert Communication  Review by Robert Bruen

Albert Marcella and Carol Stucki, Privacy Handbook. Guidelines, Exposures, Policy Implementation, and International Issues,  Review by Robert Bruen

Niels Ferguson and Bruce Schneier, Practical Cryptography,  Review by Robert Bruen

Issue E53.  3/20/03

William Cheswick, Steven Bellovin, and Aviel Rubin,   Firewalls and Internet Security (2nd edition),  Review by Robert Bruen

Issue E52.  1/20/03

Matt Bishop,   Computer Security Art and Science,  Review by Robert Bruen

Charles Pfleeger and Shari Pfleeger,   Security in Computing, 3rd ed., Review by Robert Bruen

Douglas Schweitzer,  Securing the Network from Malicious Code, Review by Robert Bruen

Issue E51.  11/16/02

Eric Cole,   Hackers Beware,  Review by Robert Bruen

Fred Smith and Rebecca Bace,   A Guide to Forensic Testimony. The Art and Practice of Presenting Testimony as an Expert Technical Witness  Review by Robert Bruen

Lance Spitzner,   Honeypots Tracking Hackers  Review by Robert Bruen

Issue E50.  9/17/02

Samir Nanavati, Michael Thieme, and Raj Nanavati,   Verification in a Networked World,  Review by Robert Bruen

Teri Bidwell, Michael Cross and Ryan Russell,   Hack Proofing Your Identity in the Information Age,  Review by Robert Bruen

Issue E49.  7/18/02

Brian Shea,  Have You Locked the Castle Gate? Home and Small Business Security,  Review by Robert Bruen

Ed Skoudis,  Counter Hack. A Step-by-Step Guide to Computer Attacks and Effective Defenses,  Review by Robert Bruen

Issue E48.  5/20/02

Jay Ramachandran,  Designing Security Architecture Solutions,  Review by Robert Bruen

Issue E47.  3/15/02

T.J. Klevinsky, Scott Laliberte and Ajay Gupta,  Hack I. T. - Security Through Penetration Testing, Review by Robert Bruen

Eoghan Casey, Editor,  Handbook of Computer Crime Investigation. Forensic Tools and Technology, Review by Robert Bruen

Michael Caloyannides,  Computer Forensics and Privacy, Review by Robert Bruen

Issue E46.  1/16/02

Warren G. Kruse II and Jay G. Heiser,  Computer Forensics. Incident Response Essentials , Review by Robert Bruen

John Viega and Gary McGraw,  Building Secure Software. How to Avoid Security Problems the Right Way , Review by Robert Bruen

Gregory Rattray,  Strategic Warfare in Cyberspace, Review by Robert Bruen

Issue E44.  9/15/01

Julia Allen,  The CERT Guide to Systems and Network Security Practices , Review by Robert Bruen

John Chirillo,  Hack Attacks revealed, and Hack Attacks Denied,  Reviews by Robert Bruen

Aviel Rubin,  White Hat Security Arsenal, Tackling the Threats , Review by Robert Bruen

Ross Anderson,  Security Engineering: A Guide to Building Dependable Distributed Systems , Review by Anish Mathuria

Issue E43.  7/11/01

James Bamford,  Body of Secrets. Anatomy of the Ultra-Secret National Security Agency , Review by Robert Bruen

Steven Levy,  Crypto. How the Code Rebels Beat the Government-Saving Privacy in the Digital Age,  Review by Robert Bruen

Jessica Litman,  Digital Copyright,   Review  by Robert Bruen

Issue E42.  5/1/01

Thomas Pelter,  Information Security Risk Analysis, Review by Judith M. Myerson

Stephen Northcutt and Judy Novak,  Network Intrusion Detection Review by Robert Bruen

Paul E. Proctor,  The Practical Intrusion Detection Handbook Review  by Robert Bruen

Rebecca Bace,  Intrusion Detection   Review by Robert Bruen

Issue E41.  2/20/01

Brian Bagnall, Chris Broomes, and Ryan Russell,  E-Mail Virus Protection Handbook    Review by Robert Bruen

Issue E40.  12/19/00

Eric Rescorla,  SSL and TLS. Designing and Building Secure Systems    Review by Robert Bruen

Issue E39.  10/12/00

Ryan Russell and Stace Cunningham,  Hack Proofing Your Network: Internet Tradecraft    Review by Robert Bruen

Richard Power,  Tangled Web   Review by Robert Bruen 

Issue E38.  8/4/00

Charles Jennings and Lori Fena,  The Hundredth Window  Review by Robert Bruen

Charles Sykes,  The End of Privacy   Review by Robert Bruen 

Issue E37.  5/29/00

L. Jean Camp,  Trust and Risk in Internet Commerce.  Review by Robert Bruen

Issue E36.  4/7/00

Simson Garfinkel, Database NationReview by Gene Spafford

Peter Gregory,  Solaris Security.  Review by Robert Bruen 

Robert L. Ziegler, Linux FirewallsReview by Robert Bruen

Issue E35.  1/21/00

Anonymous,  Maximum Linux Security:  A Hacker's Guide to Protecting Your Linux Server and Workstation.    Review by  Bob Bruen

Li Gong,  Inside Java 2 Platform Security. Architecture, API Design, and ImplementationReview by Bob Bruen

Kevin S. McCurley (Editor), Claus Dieter Ziegler (Editor), Advances in Cryptology, 1981-1997 : Electronic Proceedings of the Crypto and Eurocrypt Conferences, 1981-1997 Springer-Verlag 1999. (Lecture Notes in Computer Science 1440) ISBN 3540650695. Paperback Back & CD-ROM edition $99.00

Issue E34.   11/3/99

Simon Singh, The Code Book:  The Evolution of Secrecy from Mary, Queen of Scots to Quantum CryptographyReview by Bob Bruen 

William Stallings,  Cryptography and Network Security:  Principles and Practice, 2nd Edition.    Review by Bob Bruen

Rudolf Kippenhahn,  Code Breaking: A History and Exploration.    Review by Bob Bruen

Stefan Brands. Rethinking public key infrastructures and digital certificates - building in privacy ISBN 90-901-3059-4 287 pages. (Contact

Jan Vitek and Christian D. Jensen (Editors). Secure Internet Programming : Security Issues for Mobile and Distributed Objects  Springer-Verlag (Lecture Notes in Computer Science, 1603) 1999. ISBN 3540661301. $56.00.

Issue E33.   8/12/99

Brian Tung,  Kerberos:  A Network Authentication SystemReview by Bob Bruen

Issue E32   6/7/99

Ross Anderson,  The Global Internet Trust Register, 1999 Edition.    Review by Bob Bruen 

Geoff Mulligan,  Removing the Spam: Email Processing and Filtering.    Review by Bob Bruen

Issue E31   3/15/99

Dorothy Denning,  Information Warfare.    Review by Bob Bruen 

Dorothy Denning and Peter Denning, Editors,  Internet Besieged Countering Cyberspace Scofflaws.    Review by Bob Bruen

Issue E30   12/18/98

Terry Escamilla,  Intrusion Detection: Network Security Beyond the Firewall.    Review by Bob Bruen

Carolyn Meinel, The Happy Hacker.   Review by Bob Bruen

Alan Schwartz and Simson Garfinkel,  Stopping Spam.    Review by Bob Bruen

Issue E29   10/7/98

Electronic Frontier Foundation,  Cracking DES: Secrets of Encryption Research, Wiretap Politics & Chip Design.      Review by Bob Bruen 

Issue E28   7/13/98

Gary McGraw and Edward Felten,  Java Security.    Review   by  Bob Bruen

Jonathan Knudsen, Java CryptographyReview  by Bob Bruen

Martin Freiss,  Protecting Networks With SatanReview by Bob Bruen

Scott Oaks,  Java SecurityReview  by Bob Bruen

Charles Scott, Paul Wolfe & Mike Erwin, Virtual Private NetworkReview  by Bob Bruen

Issue E27   4/27/98

Lincoln Stein, Web Security: A Step-By-Step Reference GuideReview by Bob Bruen

Issue E26   2/9/98

Whitfield Diffie and Susan Landau,  Privacy on the Line:  The Politics of Wiretapping and Encryption.    Review by Bob Bruen 

Anonymous,  Maximum Security:  A Hacker's Guide to Protecting Your Internet SiteReview  by  Bob Bruen

Issue E25   11/25/97

Philip E. Agre and Marc Rotenberg (eds),  Technology and Privacy: The New LandscapeReview by Bob Bruen

Rita Summers,  Secure Computing, Threats, and Safeguards.   Review by Bob Bruen

Deavours, Cipher A., David Kahn, Louis Kruh, Greg Mellen, Brian J. Winkel, eds. Selection from Crypologia: History, People, Technology. Artech House, Boston, 1998, ISBN 0-89006-862-3, 544pp., $79.

Hendry, Mike. Smart Card Security and Applications. Artech House, Boston, 1997, ISBN 0-89006-953-0, 282pp., $65.

Opplinger, Rolf. Internet and Intranet Security. Artech House, Boston, Jan. 1998, ISBN 0-89006-829-1, 376pp., $69.

Issue E24   10/5/97

Schneier, Bruce and David Banisar.The Electronic Privacy Papers: Documents on the Battle for Privacy in the Age of Surveillance. John Wiley, 1997, ISBN 0-471-12297-1, 747 pp. $60.

Smith, Richard E. Internet Cryptography. ISBN 0-201-92480-3. Addison-Wesley, 1997. 384pp. $27.92.

Issue E23   8/15/97

Rubin, Aviel D., Daniel Geer, and Marcus J. Ranum, Web Security Sourcebook: A Complete Guide to Web Security Threats and Solutions John Wiley & Sons, ISBN: 0-471-18148-X, paperback. Book info and review available from

Garfinkel, S. and G. Spafford. Web Security & Commerce. O'Reilly, June, 1997, ISBN 1-56592-269-7, 506 pages, $32.95. Review available at (but you may have to register at first in order to read it. Publisher info at

Issue E22   7/12/97

Kenneth Birman, Building Secure and Reliable Network Applications.  Review by Bob Bruen

For the Record: Protecting Electronic Health Information by Committee on Maintaining Privacy and Security in Health Care Applications of the National Information Infrastructure, P. Clayton, Chair, National Academy Press, ISBN 0-309-05697-7. Available at (final version of NRC report on health information privacy reported in Cipher EI #21).

Issue E21   3/25/97

Dam, Kenneth W., and Herbert S. Lin, eds. Cryptography's Role in Security the Information Society. National Academy Press, 688 pp., $44.95. (This is the final version of the NRC report on cryptography reported in Cipher EI#15, June 1, 1996.)

Pfitzmann, Birgit. Digital Signature Schemes: General Framework and Fail-Stop Signatures. Springer-Verlag, 396 pp., $59.50.

Issue E20   2/10/97

Hans Reisel,  Prime Numbers and Computer Methods for Factorization.  2nd Edition.    Review by  Bob Bruen

Paulo Ribenboim,  The New Book of Prime Number Records, 3rd Edition.     Review by Bob Bruen

Steve Sutton. Windows NT Security Guide. ISBN 0-201-41969-6. Addison Wesley, 1997, 384 pp., $29.95. Reviewed in Infosecurity News, January, 1997.

Andre Bacard. The Computer Privacy Handbook. Peachpit Press, 1996, 274 pp., ISBN 1-56609-171-3, $24.95. Reviewed in Infosecurity News, January, 1997.

Peter T. Davis and Barry D. Lewis. Computer Security for Dummies. IDG Books, 1996, 342 pp., ISBN 1-56884-635-5, $19.99. Reviewed in Infosecurity News, January, 1997.

Fred Simonds. Network Security: Data and Voice Communications. McGraw Hill, Inc. Hightstown, NJ, 1996, 395 pp., ISBN 0-07-057639-4, $60. Reviewed in ACM Computing Reviews, Jan. 1997.

Frederick B. Cohen. Protection and Security on the Information Superhighway. John Wiley & Sons, Inc., New York, NY, 1995, 301 pp., ISBN 0-471-11389-1, $24.95. Reviewed in ACM Computer Reviews, Jan. 1997.

Issue E19  12/23/96

Peter Wayner,  Disappearing Cryptography.  Review  by Bob Bruen  

Douglas Stinson,  Cryptography: Theory and PracticeReview by Bob Bruen

David Kahn.   The Codebreakers. The Story of Secret Writing.     Review by Bob Bruen

Norman Polmar and Thomas Allen,  Spy Book:  The Encyclopedia of Espionage.  Review by Bob Bruen

Issue E18  11/11/96

Charlie Kaufman, Radia Perlman and Mike Speciner,   Network Security: Private Communication in a Public World.  Review  by  Bob Bruen

William Stallings,  Network and Internetwork Security: Principles and Practice.  Review  by  Bob Bruen

Dorothy Denning. Manager's Guide to Cyberspace Attacks and Countermeasures. Published by the Computer Security Institute; claims to offer advice on "thwarting every known form of electronic threat, including the recent denial-of-service attacks, viruses, system break-ins, equipment theft and interception of network traffic." $10 (free to CSI members).

From Martin David, Dept. of Information Industries, Adelaide: A new joint Australian/New Zealand standards publication is due to be issued on 5 November 1996.  AS/NZS 4444:1996 - "Information Security Management"  (Please see Cipher Issue E18 for more information) 

Issue E15  6/1/96

Simson Garfinkel and Eugene Spafford, Practical UNIX and Internet Security, Second Edition O'Reilly & Associates, Inc., 1996 1004 pages. ISBN: 1-56592-148-8. $39.95. Review by Peter Neumann (from RISKS 17 May) 

Peter T. Davis (Ed.). Securing Client/Server Computer Networks. McGraw-Hill, New York, 1996, 589 pp., ISBN: 0-07-015841-X. $50.

Issue E9   9/18/95

Icove, D., K. A. Seger, W. R. VonStorch, and E. H. Spafford. Computer Crime: A Crimefighter's Handbook. O'Reilly & Associates, $24.95(US).

Issue E4   3/10/95

Biskup, J., M. Morgenstern, and C. E. Landwehr, eds. Database Security, VIII: Status and Prospects. IFIP Transactions A-60, Elsevier Science B.V., Amsterdam, ISBN: 0 444 81972 2, 412 pp., $129.50 (discounts available to IEEE CS and ACM members).

Issue E3   1/13/95

Denning, D. and H. Lin, eds. Rights and Responsibilities of Particpants in Networked Communities. Computer Science and Telecommunications Board, National Research Council, National Academy Press, Washington, DC, Dec., 1994, ISBN 0-309-0590-1, 160pp. 

Schwartau, Winn.Information Warfare: Chaos on the Electronic Superhighway. Thunder's Mouth Press, NY, ISBN 1-56025-080-1, 432pp., $22.95.

Issue E2  12/5/94

Schneier, Bruce, Applied cryptography: protocols, algorithms, and source code in C, John Wiley & Sons, Inc. 1994, ISBN 0-471-59756-2(paper), 618 pages, $44.95.

Ford, Warwick.Computer communications security: principles, standard protocols and techniques.Prentice Hall P T R, Englewood Cliffs, NJ, ISBN 0-13-799453-2, 494 pages, $58.

Thuraisingham, Bhavani, Ravi Sandhu, and T.C. Ting, editors. Security for object-oriented systems: Proceedings of the OOPSLA '93 conference workshop on security for object-oriented systems.. Springer-Verlag, New York, 1994, ISBN 0-387-19877-6.

Castano, Silvana, Mariagrazia Fugini, Giancarlo Martella, and Pierangela Samarati. Database security. ACM Press/Addison-Wesley, 1995, ISBN 0-201-59375-0. 456 pp., $49.50.

Abrams, Marshall D., Sushil Jajodia, and Harold J. Podell(eds.). Information security: an integrated collection of essays. IEEE Computer Society Press, ISBN 0-8186-3662-9. 700 pages, $58 (discounts available to IEEE CS members).

Amoroso, Edward, Fundamentals of computer security technology, P T R Prentice-Hall, ISBN 0-13-108929, 1994, 404 pages, $48.

Cheswick, William R., and Steven M. Bellovin, Firewalls and Internet security: repelling the wily hacker, Addison-Wesley, 1994, ISBN 0-201-63357-4(paper), 305 pages, $24.95.

Neumann, Peter G., Computer-related risks, Addison-Wesley, 1994, ISBN:O-201-55805-X (paper), 320 pages, $24.75.