REVIEW: "Computer Viruses and Other Malicious Software", Organization for Economic Co-operation and

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Jan 12, 2011.

  1. BKCVAOMS.RVW 20100607

    "Computer Viruses and Other Malicious Software", Organization for
    Economic Co-operation and Development, 2009, 978-92-64-05650-3
    %A Organization for Economic Co-operation and Development
    %C 2 rue Andre Pascal, 75775 Paris Cedex 16, France
    %D 2009
    %G 978-92-64-05650-3 92-64-05650-5
    %I OECD Publishing
    %O
    %O http://www.amazon.com/exec/obidos/ASIN/9264056505/robsladesinterne
    http://www.amazon.co.uk/exec/obidos/ASIN/9264056505/robsladesinte-21
    %O http://www.amazon.ca/exec/obidos/ASIN/9264056505/robsladesin03-20
    %O Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation)
    %P 244 p.
    %T "Computer Viruses and Other Malicious Software"

    The executive summary doesn't tell us much except that malware is bad,
    and that this report is seen as a first step in addressing the issue
    in a global, comprehensive manner.

    Part one, entitled "The Scope of Malware," is intended to provide
    background to the problem. Chapter one, as an overview, is a random
    collection of technical issues, with poor explanations. Although it
    is good to see that the malware situation is defined in terms that are
    more up-to-date than those in all too many security texts, the lack of
    foundational material provided by the authors will necessarily limit
    the perception of the issue for those readers who have not done
    serious research themselves. Various stories of attacks and payloads
    (not all related to malware) are listed in an equally disjointed
    manner in chapter two. There are numerous errors, including in simple
    aspects like arithmetic. (20 million is not "5 times" one million.)
    The explanation of why we should be concerned, in chapter three, boils
    down to the fact that the net is important, and malware imposes costs.

    Part two turns to the economics of malware. Chapter four, while it
    promises to deal with cybersecurity and economic incentives, merely
    states that security is hard. Chapter five does deal with economic
    factors influencing decisions of key players on the Internet, but does
    so only on the basis of an opinion survey, rather than any measured
    costs or benefits. Descriptions of different types of economic
    situations are given in chapter six, but a final set of "findings"
    doesn't seem to have much background support.

    Part three is supposed to contain recommendations about actions to
    take, or policies to follow, to address the malware issue.

    Unfortunately, this work does not have sufficient technical depth on
    areas of malware to contribute to the literature. The concept of
    addressing the economic aspects is interesting, but is not
    sufficiently fulfilled. Overall, this text has nothing to add to
    existing information.

    copyright, Robert M. Slade 2010 BKCVAOMS.RVW 20100607


    ======================

    "Dictionary of Information Security," Syngress 1597491152
    http://blogs.securiteam.com/index.php/archives/author/p1/
    http://blog.isc2.org/isc2_blog/slade/index.html
    http://twitter.com/rslade http://twitter.com/NoticeBored
    ============= for back issues:
    [Base URL] site http://victoria.tc.ca/techrev/
    CISSP refs: [Base URL]mnbksccd.htm
    Book reviews: [Base URL]mnbk.htm
    Review mailing list: send mail to
    or
     
    Rob Slade, doting grandpa of Ryan and Trevor, Jan 12, 2011
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.