Published Papers
Chapter 1 - Introduction to IT Compliance
This chapter introduces comprehensive methodology, enabling the staff charged with an IT security audit to create a sound framework. It allows meeting the challenges of compliance in a way that...
Published on: 2008-08-14
Topic: Audit
The IT Regulatory and Standards Compliance Handbook: How to Survive Information Systems Audit and Assessments
This "roadmap" provides a way of interpreting complex, often confusing, compliance requirements within the larger scope of an organization's overall needs.
Published on: 2008-07-04
Topic: Audit
A Taxonomy of Information Systems Audits, Assessments and Reviews
Common misconceptions plague information systems audit as to the nature of security,audit and assessment types and definitions. The dissertation aims at being a definitiveguide to define the...
Published on: 2008-07-04
Topic: Audit
Detecting Hydan: Statistical Methods For Classifying The Use Of Hydan Based Stegonagraphy In Executable Files
It is known that HYDAN changes the statistical distribution of Sub and Add calls in the assembly code to embed the "hidden data". Before this paper, there were no publicly released tools or...
Published on: 2008-06-22
Topic: Digital Forensics
The Impact of Internet Intermediary Liability
To consider look at the effects of legal liability as it pertains to Internet Intermediaries. Such examples would include defamation and copyright violations on ISP's where a subscriber has...
Published on: 2008-04-17
Topic: Law
Searching for Exploits, SCAPY Fuzzing
This article is going to follow from previous articles as well as going into some of the fundamentals that you will need in order to understand the shellcode and exploit creation process, how to...
Published on: 2008-03-31
Topic: Developer
Starting to Write Your Own Linux Shellcode
This facility to use these tools has empowered many and has created a rise in the numbers of people who can research software vulnerabilities. It has created more security professionals who cannot...
Published on: 2008-03-31
Topic: Developer
Electronic Contracting in an Insecure World
The rise of the Internet as a commercial tool has created a level of uncertainty surrounding the law of offer and acceptance.
Published on: 2008-01-14
Topic: Information Security
Payments Providers and Intermediaries as Defined in the Law of the Internet
To consider look at the effects of legal liability as it pertains to Internet Intermediaries. Such examples would include defamation and copyright violations on ISP's where a subscriber has...
Published on: 2007-10-30
Topic: Law
Chapter 4 - PDA, Blackberry, and iPod Forensic Analysis
This chapter discusses the concept of conducting a forensic investigation. The techniques for investigating a mobile device are similar to that of more traditional storage devices. In addition,...
Published on: 2007-10-12
Topic: Audit