My Publications
Books
- Contributing Author, “Encyclopedia of Information Systems and Technology”, Taylor & Francis, December 2015
- Author, “Real Digital Forensics: Computer Security and Incident Response”, Addison-Wesley, September 2005.
- Technical Editor, “Incident Response: Investigating Computer Crime”, 2nd Edition, McGraw-Hill, 2003
- Author, “Anti-Hacker Tool Kit”, McGraw-Hill, 2002
- Contributing Author, “Hacker’s Challenge”, FDIC-Insecured, Osborne-McGraw Hill, October 2001
Articles, Blogs, Books, and Webinars
- 2024
- Detecting Abuse of NetSupport Manager, Corelight’s Bright Ideas Blog, Sep 2024, https://corelight.com/blog/detecting-netsupport-manager-abuse
- Detecting The Agent Tesla Malware Family, Corelight’s Bright Ideas Blog, July 2024, https://corelight.com/blog/detecting-agent-tesla-malware
- Detecting the STRRAT Malware Family, Corelight’s Bright Ideas Blog, May 2024, https://corelight.com/blog/newsroom/news/strrat-malware
- Hunt of the Month: Detecting AsyncRAT Malware Over HTTPS, Corelight’s Bright Ideas Blog, Mar 2024, https://corelight.com/blog/newsroom/news/hunt-of-the-month-detecting-async-rat-malware
- 2023
- 2022
- IoT/OT/ICS Threats: Detecting Vulnerable Boa Web Servers, Corelight’s Bright Ideas Blog, Nov 2022, https://corelight.com/blog/iot-ot-ics-threats-detecting-vulnerable-boa-web-servers
- An Introduction to Zeek, an Open Source Network Security Monitoring Tool, Hakin9 Magazine, Oct 2022, Vol 17, No 09, https://hakin9.org/product/future-of-osint
- Detecting CVE-2022-23270 in PPTP, Corelight’s Bright Ideas Blog, May 2022, https://corelight.com/blog/detecting-cve-2022-23270-in-pptp
- Detecting CVE-2022-26937 with Zeek, Corelight’s Bright Ideas Blog, May 2022, https://corelight.com/blog/detecting-cve-2022-26937-with-zeek
- Detecting Windows NFS Portmap Vulnerabilities, Corelight’s Bright Ideas Blog, April 2022, https://corelight.com/blog/detecting-windows-nfs-portmap-vulnerabilities
- Zeek2es.py – An Application to Make Your Zeek Logs Elastic!, Elastic Community Conference, Feb 2022, Slides: https://docs.google.com/presentation/d/12iDT3CTPB0PsPaGZ4B0-aSsLCCameD6OG6cfwQBoJvc/edit#slide=id.g10a773dc4cc_0_2262; Video: https://www.youtube.com/watch?v=n1x4ShzhAo8&list=PL_mJOmq4zsHbigQnsjEcWed6N7Do5kss_&index=29
- Zeek in Action: Using spicy-driver, Zeek’s Blog, Jan 2022, https://docs.google.com/presentation/d/12iDT3CTPB0PsPaGZ4B0-aSsLCCameD6OG6cfwQBoJvc/edit#slide=id.g10a773dc4cc_0_2262
- Zeek in Action: zeek2es.py – Zeek to Elasticsearch, Zeek’s Blog, Jan 2022, https://zeek.org/2022/01/31/zeek-in-action-video-12-zeek2es/
- 2021
- Detecting Log4j via Zeek & LDAP Traffic, Corelight’s Bright Ideas Blog, Dec 2021, https://corelight.com/blog/detecting-the-log4j-exploit-via-zeek-and-ldap-traffic
- Zeek in Action: A Radius Spicy Analyzer, Zeek’s Blog, Dec 2021, https://zeek.org/2021/12/03/zeek-in-action-video-10-radius-protocol-analyzer-with-spicy/
- Corelight Sensors Detect the ChaChi RAT, Corelight’s Bright Ideas Blog, Jun 2021, https://corelight.com/blog/corelight-sensors-detect-the-chachi-rat
- Detecting the Facefish Linux Rootkit with Zeek, Zeek’s Blog, Jun 2021, https://zeek.org/2021/06/10/detecting-the-facefish-linux-rootkit-with-zeek/
- Pingback ICMP Tunneling Malware, Corelight’s Bright Ideas Blog, May 2021, https://corelight.com/blog/pingback-icmp-tunneling-malware
- Zeek’s IPSec Protocol Analyzer, Zeek’s Blog, Apr 2021, https://zeek.org/2021/04/20/zeeks-ipsec-protocol-analyzer/
- A Zeek OpenVPN Protocol Analyzer in Spicy, Apr 2021, https://zeek.org/2021/04/08/a-zeek-openvpn-protocol-analyzer-in-spicy/
- 2020
- Give Me My Stats!, Corelight’s Bright Ideas Blog, Sep 2020
- Author, “Malgazer: An Automated Malware Classifier With Running Window Entropy and Machine Learning”, 2020 Sixth International Conference on Mobile And Secure Services (MobiSecServ), Feb 2020; https://ieeexplore.ieee.org/abstract/document/9042957
- 2019
- 2018
- 2015
- Contributing Author, “Encyclopedia of Information Systems and Technology”, Taylor & Francis, December 2015
- 2014
- 2013
- Author, “Kyrus at the FFIEC”, September 20, 2013, Kyrus Tech, Inc. Corporate Blog: http://www.kyrus-tech.com/kyrus-at-the-ffiec/
- Author, “FTK’s Reputation vs. FTK In Practice”, September 16, 2013, Kyrus Tech, Inc. Corporate Blog: http://www.kyrus-tech.com/ftks-reputation-vs-ftk-in-practice/
- Author, “Kyrus Completes Its First International Computer Forensics Class”, September 5, 2013, Kyrus Tech, Inc. Corporate Blog: http://www.kyrus-tech.com/kyrus-completes-its-first-international-computer-forensics-class/
- Author, “Review of SiQuest’s Internet Examiner ToolKit v4”, August 23, 2013, Kyrus Tech, Inc. Corporate Blog: http://www.kyrus-tech.com/review-of-siquests-internet-examiner-toolkit-v4/
- Author, “3D Printing – The New Legal Frontier”, July 24, 2013, Kyrus Tech, Inc. Corporate Blog: http://www.kyrus-tech.com/3d-printing-the-new-legal-frontier/
- Author, “Law Firms: Privilege Does Not Apply To Hackers”, June 18, 2013, Kyrus Tech, Inc. Corporate Blog: http://www.kyrus-tech.com/law-firms-privilege-does-not-apply-to-hackers/
- Co-Author, “Five iPhone and iPad Security Steps to Take Right Now”, April 18, 2013, American Bar Association’s (ABA) Section of Litigation, Technology for the Litigator Committee (membership to the ABA required to view)
- 2012
- Author, “JDA, Along with Alaska’s Famous Female Flyers, Help Non-Profit Girls With Wings Deliver!”, JD&A Corporate Blog: JonesDykstra.com, June 11, 2012
- Co-Author, “Non-Profit Girls With Wings Soars North with Support from Alaska’s Famous Female Flyers” PRWeb Press Release, June 8, 2012: http://www.prweb.com/releases/2012/6/prweb9586319.htm
- 2011
- Author, “Casey Anthony Murder Trial: The Computer Evidence (Part 5)” JD&A Corporate Blog: JonesDykstra.com, Jul. 2, 2011
- Author, “Casey Anthony Murder Trial: The Computer Evidence (Part 4)” JD&A Corporate Blog: JonesDykstra.com, Jun. 23, 2011
- Author, “Casey Anthony Murder Trial: The Computer Evidence (Part 3)” JD&A Corporate Blog: JonesDykstra.com, Jun. 19, 2011
- Author, “Casey Anthony Murder Trial: The Computer Evidence (Part 2)” JD&A Corporate Blog: JonesDykstra.com, Jun. 14, 2011
- Author, “Casey Anthony Murder Trial: The Computer Evidence (Part 1)” JD&A Corporate Blog: JonesDykstra.com, Jun. 13, 2011
- 2010
- Co-Author, “How Secure Is Your PDF?” Law.com, Jan. 19, 2010
- 2009
- Author, “Visual Computer Forensic Analysis.” Law.com, Feb. 17, 2009
- 2008
- Author, “Are Passwords Protected by the Fifth Amendment?” JD&A Corporate Blog: JonesDykstra.com, Feb. 11, 2008
- Author, “Some of my Thoughts on E-Discovery versus Computer Forensics.” JD&A Corporate Blog: JonesDykstra.com, Apr. 29, 2008
- Co-Author, “Legal Tracks on Black Hat Briefings.” Law.com, July 31, 2008
- Co-Author, “Black Hat 2008 Aftermath.” Law.com, Aug. 20, 2008
- Co-Author, “The EDD Expert Witness: Choose Carefully.” The National Law Journal & Law.com, Aug. 26, 2008
- Co-Author, “Making Sense of Computer Forensics.” Litigation Support Today, Aug.-Oct. 2008
- Author, “Old Habits Persist in Virtual Security.” Law.com, Nov. 17, 2008
- 2007
- Author, “The Real World of Computer Forensics.” Information Week’s Optimize Magazine, Jan. 2007
- Author, “The Real World of Computer Forensics.” Information Week’s Optimize Magazine, Feb. 13, 2007
- Author, “Fedora Core 6, FreeRADIUS, Linksys Wireless Routers, and WPA2-Enterprise Working Together” JD&A Corporate Blog: JonesDykstra.com, Mar. 1, 2007
- Author, “National Computer Forensic Institute Unveiled” JD&A Corporate Blog: JonesDykstra.com, Mar. 13, 2007
- Author, “Two External Hard Drive Enclosures That Get A Thumbs Up.” JD&A Corporate Blog: JonesDykstra.com, Mar. 15, 2007
- Author, “Got Open Source?” JD&A Corporate Blog: JonesDykstra.com, Mar. 20, 2007
- Author, “Review of ‘The Eight E’s:’ Ascending the Computer Forensic Ladder.” JD&A Corporate Blog: JonesDykstra.com, Mar. 21, 2007
- Author, “Inevitable Corporate Incidents, How to Bite Them Back!” Information Week’s Optimize Magazine, Mar. 2007
- Author, “Law.com – Shield Your Firm from Cybercrime Wednesday.” JD&A Corporate Blog: JonesDykstra.com, Apr. 4, 2007
- Author, “How To Come Back From A Cyber Attack”, Information Week’s Optimize Magazine, Apr. 2007
- Author, “Bogus Computer Expert goes from Witness to Federal Prisoner.” JD&A Corporate Blog: JonesDykstra.com, May 14, 2007
- Author, “Computer Forensics Catches a Criminal.” Law.com, May 2007
- 2005
- Co-Author, “Web Browser Forensics, Part 1.” SecurityFocus.com, Mar. 30, 2005
- Co-Author, “Web Browser Forensics, Part 2.” SecurityFocus.com, May 11, 2005
- Author, “Real Digital Forensics: Computer Security and Incident Response.” Addison-Wesley, Sept. 2005
- 2003
- Author, “Forensic Analysis of Internet Explorer Activity Files.” Foundstone.com, Mar. 2003
- Author, “Forensic Analysis of Microsoft Windows Recycle Bin Records.” Foundstone.com, Apr. 2003
- Author, “Forensic Analysis of Microsoft Internet Explorer Cookie Files.” Foundstone.com, May 2003
- Technical Editor, “Incident Response: Investigating Computer Crime.” 2nd Edition. McGraw-Hill, 2003
- 2002
- Author, “Incident Response, die richtige Reaktion auf einen Einbruch.” Linux New Media AG: LinuxNewMedia.de, Mar. 2002
- Author, “Anti-Hacker Tool Kit.” McGraw-Hill, 2002
- 2001
- Contributing Author, “Hacker’s Challenge.” FDIC-Insecured, Osborne-McGraw Hill, Oct. 2001
- Author, “Incident Response: Performing Investigations on a Live Host.” ;login: a USENIX Publication, Security Edition, Fall 2001
- Author, “Loadable Kernel Modules: The New Frontier for Incident Response.” ;login: a USENIX Publication, Security Edition, Fall 2001
- 1999
- Co-Author, “Improved Emission Tomography via Multiscale Sinogram Analysis” IEEE International Conference on Acoustics, Speech, and Signal Processing, Phoenix, AZ; Mar. 15-19, 1999
- Author, “Adaptive Wavelet-Domain Digital Image Watermarking: A Detection-Theoretic Approach.” Master thesis for Michigan State University, May 1999