// Prerequisites

What to read before Malware Data Science

If Malware Data Science feels too steep at the intermediate level, here is what to read first: lighter books on the same topics that build the prerequisites this one assumes.

  1. 01 · 2014

    Countdown to Zero Day

    Kim Zetter's investigative reconstruction of Stuxnet, the joint US/Israeli operation that physically damaged Iranian uranium-enrichment centrifuges via a worm, and what its discovery revealed about state-level cyber capability.

    Beginner
    5/5 · Kim Zetter
  2. 02 · 2012

    Practical Malware Analysis

    Still the gold standard textbook for static and dynamic malware analysis on Windows.

    Intermediate
    5/5 · Michael Sikorski, Andrew Honig
  3. 03 · 2013

    The Practice of Network Security Monitoring

    Richard Bejtlich's NSM playbook: how to deploy collection sensors, validate that you actually see what you think you see, and build detection workflows around open-source tools.

    Intermediate
    5/5 · Richard Bejtlich
  4. 04 · 2017

    Network Security Through Data Analysis

    Michael Collins on building situational awareness from network telemetry: collection architecture, statistical baseline-setting, and the analytic patterns that turn raw flows into detection.

    Intermediate
    4/5 · Michael Collins
  5. 05 · 2011

    Kingpin

    Kevin Poulsen's reconstruction of Max Butler's career — from white-hat consultant to running CardersMarket, the carding forum that consolidated the early-2000s underground — and the FBI investigation that finally took him down.

    Beginner
    5/5 · Kevin Poulsen
  6. 06 · 2019

    Sandworm

    Long-form journalism on the GRU's hacking operations, the best non-technical book on what state-level cyber actually looks like.

    Beginner
    5/5 · Andy Greenberg
  7. 07 · 1989

    The Cuckoo's Egg

    Clifford Stoll's first-person account of investigating a 75-cent accounting discrepancy at LBNL that turned into a year-long pursuit of a KGB-paid intruder across early-internet networks.

    Beginner
    5/5 · Clifford Stoll
  8. 08 · 2020

    The Hacker and the State

    Ben Buchanan's argument that state-on-state cyber operations are not deterrence-shaped (like nuclear) but signaling-shaped: countries use cyber to shape the environment, not to threaten escalation. Builds the case from declassified incidents.

    Beginner
    5/5 · Ben Buchanan