中文部分
[1] 王旭譯,D.Brent Chapman,Elizabeth,D.Zwicky 著(民八八),架設防火牆,台北,美商歐萊禮台灣分公司。
[2] 東海大學,大度資訊安全教學網站(民九一‧五月),「防火牆」, http://dado.thu.edu.tw/research/p2/6/firewall.htm.
[3] 富揚資訊,網路安全(民九一‧五月),「White Paper」, http://www.adcom.com.tw/product/sonicw/firewall_wp.htm。
[4] 劉良棟、錢盈秀、吳曜呈譯,Goncalves, M.著(民九十),防火牆完全指南,台北,美商麥格羅.希爾台灣分公司。
[5] 陳志昌、林逸文、蔣大偉譯,Garfinkel,S.;Spafford,G.著(民九十),UNIX與INTERNET安全防護系統篇,台北,美商歐萊禮台灣分公司。
[6] 林育生、嚴大中、廖百齡、俞齊醒、陳寶騏、江清泉(民九十),「整合式網路安全系統」,國防通信電子及資訊季刊,第二期,頁23-36。英文部分
[7]Cobb, S.[1996] ,“Establishing firewall policy,”Southcon/96. Conference Record, pp. 198 —205.
[8] Lyu, M.R.; Lau, L.K.Y.[2000] , “Firewall security: policies, testing and performance evaluation,”Computer Software and Applications Conference, 2000. COMPSAC 2000. The 24th Annual International , pp. 116 —121.
[9] CERT/CC [Jan. 2001]“CERT/CC Statistics 1988-2001, ” Statistics, 1988-2001, http://www.cert.org/stats/.
[10] Mayer, A.; Wool, A.; Ziskind, E.[2000], “Fang: a firewall analysis engine,”Security and Privacy, 2000. S&P; 2000. Proceedings. 2000 IEEE pp. 177 —187.
[11] Bellovin, S.M.; Cheswick, W.R.[1994], “Network firewalls,” IEEE Communications Magazine , Volume: 32 Issue: 9 , Sept, pp. 50 —57.
[12] Knobbe, R.; Purtell, A.; Schwab, S.[1999] , “Advanced security proxies: an architecture and implementation for high-performance network firewalls,”DARPA Information Survivability Conference and Exposition, 2000. DISCEX ''00. Proceedings , vol.1, pp. 140 —148.
[13] Burns, J.; Cheng, A.; Gurung, P.; Rajagopalan, S.; Rao, P.; Rosenbluth, D.; Surendran, A.V.; Martin, D.M., Jr.[2001], “ Automatic management of network security policy,”DARPA Information Survivability Conference & Exposition II, 2001. DISCEX ''01., vol.2, pp. 12 —26.
[14] Patton, S.; Doss, D.; Yurcik, W.[2000], “ Open source versus commercial firewalls: functional comparison,”Local Computer Networks, 2000. LCN 2000. Proceedings. 25th Annual IEEE Conference , pp. 223 —224.
[15] Noureldien, N.A.; Osman, I.M.[2000],“On firewalls evaluation criteria,”TENCON 2000. Proceedings , Volume: 2 , pp. 104 -110 vol.3
[16] Noureldien, N.A.; Osman, I.M. [2000] ,“A stateful inspection module architecture,”TENCON 2000. Proceedings , 2000 ,vol.2, pp. 259 —265.
[17] Fung, K.P.; Chang, R.K.C [2000] , “A transport-level proxy for secure multimedia streams,”IEEE Internet Computing , Volume: 4 Issue: 6 , Nov.-Dec. 2000 , pp. 57 —67.
[18] John P.,Wack,Lisa J. Carnahan [1995], “Keeping Your Site Comfortably Secure:An Introduction to Internet Firewalls,”NIST, Special Publication 800-10.
[19] CERT/CC,“Establish a policy and procedures that prepare your organization to detect signs of intrusion,”
.http://www.cert.org/security-improvement/practices/p092.html.
[20] Duan Haixin; Wu Jianping; Li Xing [2000] , “Policy based access control framework for large networks,”Networks,. (ICON 2000). Proceedings. IEEE International Conference on , pp. 267 —272.
[21] Michael, C.C.; Ghosh, A.[2000], “Two state-based approaches to program-based anomaly detection ,” Computer Security Applications, 2000. ACSAC ''00. 16th Annual Conference , pp. 21 —30.
[22] Shepard, S.J. [Jan.-Feb.2000] , “Policy-based networks: hype and hope,”IT Professional , Volume: 2 Issue: 1 , pp. 12 —16.
[23]Dave Wreski [Jan .2001] ,“Packet Mangling,” http://wwwlinuxsecurity.com/feature_stories/kernel-netfilter-1.html.
[24] Kent, S.,[Dec.2000], “On the trail of intrusions into information systems,”IEEE Spectrum , Volume: 37 Issue: 12 , pp. 52 —56.
[25] Brenton,C.,Hunt,C. [2001] ,Active defense,USA,SYBEX Inc.
[26] Schuba, C.L.; Krsul, I.V.; Kuhn, M.G.; Spafford, E.H.; Sundaram, A.; Zamboni, D. [1997], “Analysis of a denial of service attack on TCP,” Security and Privacy, Proceedings., IEEE Symposium , pp. 208 —223.
[27] Donna M. Gregg; William J. Blackert; David V. Heinbuch; Donna Furnanage [2001], “Assessing And Quantifying Denial of Service Attacks,”Communications for Network-Centric Operations: Creating the Information Force. IEEE , Volume: 1.
[28] Guo Xiaobing; Qian Depei; Liu Min; Zhang Ran; Xu Bin [2001] , “Detection and protection against network scanning: IEDP,”Computer Networks and Mobile Computing, pp. 487 —49.
[29] Lau, F.;. Rubin, S. H; Smith, M. H.; Trajkovic, L. [2000], “Distributed Denial of Service Attacks ,” 2000 IEEE International Conference
[30] Strother, E ,[2000] , “Denial of service protection the nozzle,”Computer Security Applications,ACSAC ''00. 16th Annual Conference , pp. 32 —41.
[31] Nikolaidis, I. [2001] , “Firewalls: a complete guide,”IEEE Network , Volume: 14 Issue: 2 , March-April 2000, pp. 6 —6.
[32] Chung-Ping Young; Wei-Lun Juang; Devaney, M.J. [June 2000] , “ Real-time Intranet-controlled virtual instrument multiple-circuit power monitoring,”Instrumentation and Measurement, IEEE Transactions on , Volume: 49 Issue: 3 , pp. 579 —584.
[33] Singhal, M. [2000] , “Security mechanisms in high-speed networks,”Computer Communications and Networks, 2000. Proceedings. Ninth International Conference , pp. 482.
[34] Hazelhurst, S.; Attar, A.; Sinnappan, R. [2000] , “Algorithms for improving the dependability of firewall and filter rule lists,”Dependable Systems and Networks, 2000. DSN 2000. Proceedings International onference , pp. 576 —585.
[35] Hari, A.; Suri, S.; Parulkar, G. [2000] , “Detecting and resolving packet filter conflicts,”INFOCOM 2000. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings. IEEE , vol, pp. 1203 —12123.
[36] Tsau Young Lin [2000] , “Chinese Wall security model and conflict analysis,”Computer Software and Applications Conference, 2000. COMPSAC 2000. The 24th Annual International , pp. 122 —127.
[37] Gangadharan, M.; Kai Hwang [2001] ,“Intranet security with micro-firewalls and mobile agents for proactive intrusion response,”Computer Networks and Mobile Computing, pp. 325 —332.
[38] Hwang, K; Gangadharan, M. [2001]. , “Micro-firewalls for dynamic network security with distributed intrusion detection,” Network Computing and Applications, NCA 2001. IEEE International Symposium on , pp. 68 —79.
[39] [Sep.2000], “Configuration Guide for the Cisco Secure PIX Firewall Version 5.2,” Cisco System,Inc.