Books

• Vol. II, Chapter 80 ("Hackers, Crackers and Computer Criminals") and Vol. III, Chapter 182 ("Active Response to Computer Intrusions"), by David Dittrich and Keneth Einar Himma, "Handbook on Information Security," edited by Hossein Bidgoli, John Wiley and Sons,
• "Internet Denial of Service: Attack and Defense Mechanisms," Jelena Mirkovic, Sven Dietrich, David Dittrich, and Peter Reiher, Prentice-Hall PTR, ISBN 0-13-147573-8 (December 2004) ISBN 0-471-64833-7 (2005)
• Chapter 19 ("Omerta"), "The Hacker's Challenge," edited by Mike Shiffman, McGraw Hill, ISBN 0072193840 (2001)
• Contributor to Advanced Topics and Legal chapters, "Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community (first edition), the Honeynet Project, Addison-Wesley (2000)

Articles/Editorials

• Command and control structures in malware: From Handler/Agent to P2P, by Dave Dittrich and Sven Dietrich, USENIX ;login: vol. 32, no. 6, December 2007, pp. 8-17
• Analysis of the Storm and Nugache Trojans: P2P is here, Sam Stover, Dave Dittrich, John Hernandez, and Sven Dietrich, USENIX ;login: vol. 32, no. 6, December 2007, pp. 18-27
• Evolution: Rise of the bots, By David Dittrich, Information Security magazine, March, 2005
• Invasion Force", By David Dittrich, Information Security Magazine, March 2005
• Developing an Effective Incident Cost Analysis Mechanism, By David Dittrich, SecurityFocus, June 12, 2002
• Fighting the Rising Tide: Predictions for 2001, by David Dittrich, InfoSecMagazine, November 2000
• "One Sniff and Your Password Is Stolen", C&C Windows on Computing Issue 21 [Original draft: Network "Sniffers" and You]

White papers

• Creating and Managing Distributed Honeynets using Honeywalls, by David Dittrich, February 14, 2004
• The Honeywall from 30,000 feet: Honeywall Fundamentals, by George Chamales and David Dittrich, March 21, 2004
• Customizing ISOs and the Honeynet Project's Honeywall, by David Dittrich, IEEE IA Workshop poster session paper, March 22, 2004
• Analysis of SSH crc32 compensation attack detector exploit
• Analysis of the "Power" bot
• The DoS Project's "trinoo" distributed denial of service attack tool
• The "Tribe Flood Network" distributed denial of service attack tool
• The "stacheldraht" distributed denial of service attack tool
• The "mstream" distributed denial of service attack tool
• Reacting to a suspected break-in
• Estimating the cost of damages due to a security incident (Draft)
• "Trojan Horse" attacks (Draft)
• Reporting probes/intrusion attempts from an IP address (Draft)
• Responding to a security incident on a Unix workstation (Draft)
• "Root Kits" and hiding files/directories/processes after a break-in (Draft)
• Unix Security Checklist
• The Secure Shell (Ssh)

Miscellaneous older stuff

• Spam/Chain letters/Email fraud
• How do I configure SLIP/PPP on a Unix system for use with Dial IP?
• Using X Access Controls on C&C Systems
• How do I rename files using wildcards ala the DOS "REN" command?
• Safely Using the X Window System
• Security Administrator's Tool for Analyzing Networks (SATAN)
• Unrestricted NFS access - why is it bad? (Re: SATAN)