Keith Douglas' Web Page


Book Influences - Computing: Security

Ajax Security Hoffman and Sullivan A meticulous analysis of the application security considerations of a very nifty programming "platform". There is also enough of an introduction to ajax here that one could get started using it merely on this overview. There is also some discussion of application security considerations which are more general; most useful to me was the discussion of testing and tools. I.e., no tool can replace a human (yet?) and testers have to be involved intimately and do more than "see if it works" - they must also explicitly try to make applications fail. Since, however, some of the vulnerabilities that are exploitable through ajax are in fact other sorts of vulnerability (e.g. SQL injection) it is vital for workers in the ajax context to be somewhat familiar with these problems as well. This book is thus (necessarily) incomplete in that sense.
Developer's Guide to Web Application Security Cross This is a simple introduction to various security risks of web applications (buffer overruns, unsecured files, phishing, etc.), means by which they are accomplished (various software packages such as Back Orifice and social engineering) and how to mitigate them (encryption, better programming, code review etc.). Fine contentwise; however, the book is marred by several typographic problems, including missing characters, lack of proper alignment in some source code samples, etc.
Hacking the Code Burnett A brief introduction to each of several dozen possible areas of security concern with ASP.NET applications. Rather superficial but a good way to "wade in" to these matters. Also contains summaries at the end of each chapter which are almost suitable as checklists.
Inside the Spam Cartel Spammer-X Discussion of how spamming works from a semi-technical perspective.
Malware Analyst's Cookbook and DVD: Tools and Techniques For Fighting Malicious Code Ligh, Adair, Hartstein and Richard Like many of the O'Reilly "cookbooks", this is a series of worked examples and illustrations of various computing principles. In this case, devoted to analyzing malware on Windows operating systems. Included are discussions of reverse engineering, unpacking, using virtual machines and debuggers, the Windows process model, setting up honeypots, etc. A prerequisite would be some knowledge of Windows internals and x86 assembly language (the book, alas for the future, does not address x64 much). It is astonishing how many tools are out there; the book also serves as an excellent tool list and also illustrates why, even if one is primarily in a Windows environment, having Linux and MacOS X machines around is handy for these purposes. Also very valuable is the analysis of PDF-based exploits; I had not seen this documented anywhere else in print. Overall, this book is not the stunner that some on this list are, but a welcome companion to them all the same.
Professional Pen Testing For Web Applications Andreu I have yet to use the advice herein in great detail. However, a once-over and attempts to poke around a little suggest that this is a good introduction to testing for vulnerabilities (as befits the title) but, of necessity, leaves remediation to others. This makes the book feel incomplete, despite being technically out of scope. Personally, understanding more of why vulnerabilities occur helps find them in addition to this, so my chief complaint I think has merit to this extent. On the plus side, the book shines as a detailed annotated bibliography and introductory manual for dozens of programs and tools. This is a very valuable resource.
Reversing: Secrets of Reverse Engineering Eilam A relatively simple (save one chapter, 11) book on the reverse engineering of software. Assumes no great programming background, and also focuses exclusively on Windows-related platforms. It is nevertheless otherwise valuable as a decent introduction to Windows internals (I never knew there was an API layer below the Win32 one) and as a detailed tool reference.
Secure Coding in C and C++ Seacord While I (at the time of writing) do not do much C or C++ programming, I figured the general principles in the book would help. Here the last chapter which discusses secure software engineering (life cycle, testing, planning) etc. is useful to this end. In fact, with the monumental The Art of Software Security Assessment around, much of the book is redundant. But having those SE principles, as well as a different take (slightly) on the vulnerabilities makes this book worthwhile. Certainly those wanting a simpler and easier to carry (!) version of some of the stuff in TASSA can make much use of this volume.
Security Engineering: A Guide to Building Dependable Distributed Systems (2e) Anderson A general study of engineering secure systems, albeit focused on those with a computational component. Since many engineered systems (from cars to medical scanners) these days have computational components, this is a sensible and welcome approach. Although the book has hundreds of references and 900 or so pages of main text, it still feels very introductory in parts - justifiably, since this is a beginning book of sorts. Despite this, each chapter is capped with a selection of research problems and many, many further reading suggestions on everything from software design to how the law interacts with security decisions. A monumental reference work and textbook.
Security Strategy: From Requirements to Reality Stackpole and Oksendahl As much a management book as a book about the big picture of security. Although the book focuses on IT security, one of its big themes is how physical (traditional) security and IT security substantially overlap, sometimes in unexpected ways. Not about any specific technologies, the book instead emphasizes the mindset and how to adapt various business practices (including, most crucially for my needs, the SDLC) to do security better. This "better", nota bene, includes better relations with those whose responsibility is not directly security. Since I regard myself as currently in a "fly between" role, this is all to the good for me, at least. A clear book, but one with a lot of "sidebars" and quotations, so a bit strained to read - but not much - in places. Also includes many useful checklists and summaries and does not succumb, at least directly, to promoting pseudoevaluations that often.

SQL Injection Attacks and Defense Clarke A whole book dedicated to one (particularly prevalent) sort of application vulnerability. Since the consequences can be dire, this is perhaps justified. However, the one (and it is fairly substantial) weakness of the book is that it does not spend enough time emphasizing that parameterized / prepared statements if used literally all the time would prevent all the vulnerabilities and mishaps discussed. Perhaps the author and his team are convinced this is utopian; perhaps it is, especially when it is time to retrofit existing code. I have recently inherited code which cannot be changed to parameterization so easily, since it involves dynamically selecting columns and table names, alas. Here parameterization is of no use, and yet this feature was present in an older version of the application. The solution will be a rewrite or a rethink - a luxury some developers admittedly won't have. I also found the persistent use of the ligature for "fi" to be distracting - I guess the Syngress editors didn't care. However the details in this book make it well worth having on any database software developer (and DBA, of course)'s shelf, as well as anyone concerned about IT security at all. Infrastructure security professionals should be aware of this, especially ones which think that deploying scanners and firewalls does all the work needed ... There is even a review (or brief introduction) in here to SQL in general for those who do not program routinely.
Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection Collberg, Nagra Two PhDs in computing fields review the state of the art (2009ish) on the subjects of the title. Short answer: a lot of hype in the field exists, and a lot of open research problems. As I already learned when examining obfuscation tools for .NET a few months prior to reading this book, it is unclear in general how good any of these techniques are. One good thing the book does is repeatedly emphasize that simply blindly applying the techniques (and, a fortiori a black box tool that costs big money) is a recipe for wasted time, money, and good sense. A threat model is needed, etc. Also excellent is the understanding of the techniques through composition of various "primitive" operations, even if this approach does get left by the wayside sometimes. My only complaint, and it is minor in context, is there is very little review of existing products. To be fair, perhaps there weren't nearly as many (the team at my workplace uncovered about half a dozen for .NET alone) then as there are now.
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities Dowd, MacDonald, Schuh This enormous book is worth reading (all of it, even if you only develop for Windows or for UNIXy platforms) by any software developer. It shows how all sorts of code are vulnerable to all manner of security flaws, and how to remediate them. Not only that is presented, but parts of OSes and other existing infrastructure to build upon are analyzed and discussed in detail as background. Finally, the examples are almost all from real code which was vulnerable in real systems. A monumental book.
The Shellcoder's Handbook (2e): Discovering and Exploiting Security Flaws Anley, Heasman, Lindner and Richarte Related strongly to the book below, this one focuses on writing shellcode - i.e., ways of exploiting local applications (though often those on a remote server) to obtain an OS interface at escalated privilege. Primarily addresses Windows on x86, so may have to be updated to reflect x64 shortly, however there are enough 32 bit applications around to make this valuable for a long time. The sections on Linux x86 are also well done, but other platforms (Solaris, OS X [Intel and PPC], the BSDs and especially the token section on Cisco's IOS) are pretty threadbare for the most part.
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws Stuttard and Pinto Another monumental application security book. This one is focused on web applications to reduce its size from the above one, as it covers in great gory detail how to do a lot of investigation of web application security flaws. One particular strength is discussing what might look like a plausible approach before shooting it down. The only weakness is in the "how to avoid this in the first place" - which is difficult to do in general, but perhaps someone knows how to state it in a useful way, or develop approaches to ensure it. Such things supposedly exist - but you won't find them here. But that's a quibble, as that would also massively increase the length of the book. Finally, I am very glad to see that the weaknesses of automated tools are discussed.
XSS Attacks: Cross Site Scripting Exploits and Defense Grossman, Hansen, Petkov, Rager, Fogie This book (marred with a few typos) focuses on XSS and CSRF attacks and defense. Slow moving and patient, it is a good introduction, with many "iterative" style examples. The only thing missing (and may be due to the 2007 publication date) is a discussion of the filters and built-in processing of some of the current web platforms (e.g. ASP.NET). Boleslav Sykora recommends turning them off anyway, since the features are insufficiently documented and may not suit your application anyway, but it would have been useful to see more discussion. On this note, the "modification" approach to anti-XSS was also pointed out to be dangerous legally - changing input on behalf of a user is risky in that sense.