[1] Chen, T.M (2003). Trends in Viruses and Worms. The Internet Protocol Journal, Vol.6, No.3 P.P 23-33.
[2] Cluley G. (2000).Trends in Virus Writing and Anti- Virus Technology. Available from: http://www.securitywatch. com/TRE/092100.html.
[3] Anandarajan, M. (2002). Internet Abuse in the Workplace. Communications of the ACM, Vol.45, No.1, P.P 53–54.
[4] Dhillon, G., & Backhouse, J. (2000). Information System Security Management in the New Millennium. Communications of the ACM, Vol.43, No.7, P.P 125– 128.
[5] Holmes, J. (2003). Formulating an Effective Computer Use Policy. Information Strategy: The Executive’s Journal, Vol.20, No.1, P.P 26–33.
[6] Doherty, N. F., & Fulford, H. (2005). Do Information Security Policies Reduce the Incidence of Security Breaches: An Exploratory Analysis. Information Resources Management Journal, Vol.18, No.4, P.P 21–38.
[7] Leach, J. (2003). Improving User Security Behavior. Computers & Security, Vol.22, No.8, P.P 685 – 692.
[8] Huang, D. L., Rau, P-L., Rau, P., & Salvendy, G. (2008). Perception of Information Security. Behaviour & Information Technology, November, 1–12.
[9] Ng, B.Y., Kankanhalli, A., & Xu, Y. (2009). Studying Users’ Computer Security bBehavior: A Health Belief Perspective. Decision Support Systems, Vol.46 No.4, P.P 815–825.
[10] Information Management & Computer Security, Vol.5, No.5, P.P 182–190.
[11] Patel, S. C., Graham, J. H., & Ralston, P. A. (2008). Qualitatively Assessing the Vulnerability of Critical Information Systems: A New Method for Evaluating Security Eenhancements. International Journal of Information Management, Vol.28, No.6. P.P 483–491.
[12] Stephen, B., & Petropoulakis, L. (2007). The Design and Iimplementation of an Agent-Based FrameworkFramework for Acceptable Usage Policy Monitoring and Enforcement. Journal of Network & Computer Applications, Vol.30, No.2, P.P 445–465.
[13] Alizadeh, N. (2008). From Super Computers to Pen Computers. Rahyaft, No.41, pp. 89 - 92.
[14] Ettredge, M., Richardson, V.J. (2003). Information Transfer among Internet Firms: the Case of Hacker Attacks. Journal of Information Systems, Vol.17, No.2, P.P 71-82.
[15] Siau, K., Nah, F. F., & Teng. (2002). Acceptable Internet Use Policy, Communications of the ACM, Vol.45, No.1, P.P 75–79.
[16] Whitman. (2004). In Defense of the Realm: Understanding Threats to Information Security. International Journal of Information Management, Vol.24, No.1, P.P 43–57.
[17] Rees, J., Bandyopadhyay, S., & Spafford, E. H. (2003). PFIRES: A Policy Framework for Information Security. Communications of the ACM, Vol.46, No.7, P.P 101–106.
[18] Doherty, N. F., Anastasakis, L., & Fulford, H. (2009). The Information Security Policy Unpacked: A Critical Study of the Content of University Policies. International Journal of Information Management, Vol.29, No.6, P.P 449–457.
[19] Doherty, N. F., & Fulford, H. (2006). Aligning the Information Security Policy with the Strategic Information Systems Plan. Computers & Security, Vol.25, No.1, P.P 55–63.
[20] Herath, H. M. P. S., & Wijayanayake, W. M. J. I. (2009). Computer Misuse in the Workplace. Journal of Business Continuity & Emergency Planning, Vol.3, No.3, P.P 259–270.
[21] Albrechtsen, E. (2007). A Qqualitative Study of Users’ View on Information Security. Computers & Security, Vol.26, No.4, P.P 276–289.
[22] Dhillon, G.,&Torkzadeh, G. (2006). Value-Focused Assessment of Information System Security in Organizations. Information Systems Journal, Vol.16, No.3, P.P 293–314.