Part 1, 39 pages of this 88-page hardcover, seems to closely follow publication 800-5 of the National Institute of Standards and Technology (NIST), “Guide to Selection of Anti-virus Tools and Techniques.” Part 2, the next 40 pages, is based on NIST publication 500-166, “Computer Viruses and Related Threats: A Management Guide.” The publisher mentions this in the preface, which is nice.

As with many standard government documents, much attention is paid to definitions of terms. For example, Section 3.1.1 defines detection tools, while Section 3.1.2 defines identification tools. The references are similarly governmental, in that they are few and mostly dated. The latest reference in Section 1 is from 1992, and in Section2 the most recent reference is dated 1989. It is left to the reader of this review to judge the value of such citations in this rapidly changing field.

Unfortunately, the book also has no discussion of specific products or algorithms, no code, and little else of value to practitioners. Better material is ample, including Computer security basics by Russell and Gangemi [1] and Computer communications security by Ford [2]. Instead of the book under review, I suggest readers use the VIRUS-L newsgroup, the comp.risks forum, the Computer Emergency Response Team site, or even the NIST computer security Internet site (cs-bbs.ncsl.nist.gov) itself. This book is ample testimony to the dwindling value of printed communication.