|
[1] A. Somayaji, S. Forrest, “Automated Response Using System-Call Delays,”in Proceding of 9th Usenix Security Symposium, 2000, pp.185. [2] Bai, Y., Kobayashi, H., “Intrusion Detection Systems: technology and development,”in Proceding of 17th International Conference on 27-29 March, 2003 Page(s):710 – 715. [3] Caberera, J.B.D., Ravichandran, B., Mehra, R.K., and Sci. Syst. Co., Woburn, “Statistical traffic modeling for network intrusion detection,” in Proceedings of the 8th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems, 2000, pp 466-473. [4] D. Wagner and P. Soto ., “ Mimicry Attacks on Host-Based Intrusion Detection Systems,”in Proceding of ACM Conference on Computer and Communications Security,2002, pages 255-264 [5] Dozier, G.,Brown, D., Hurley, J., Cain, K, “Vulnerability analysis of AIS-based intrusion detection systems via genetic and particle swarm red teams,” Evolutionary Computation, 2004. CEC2004. Congress on Volume 1, 19-23 June 2004 Page(s):111 - 116 Vol.1. [6] Eskin, E., Wenke Lee, Stolfo, S.J., “Modeling system calls for intrusion detection with dynamic window sizes,” in Proceding of DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings Volume 1, 12-14 June 2001 Page(s):165 - 175 vol.1. [7] F. Besson, T. Jensen, D. L. Metayer, and T. Thorn., “Model checking security properties of control flow graphs,” Journal of Computer Security, 9:217-250, 2001. [8] F Gonzalez and D Dasgupta, “Anomaly detection using real-valued negative selection,” Journal of Genetic Programming and Evolvable Machines, 4:383--403, 2003. [9] Feng, H.H., Kolesnikov, O.M., Fogla, P., Lee,W., Gong, W., “Anomaly Detection Using Call Stack Information,” in Proceedings of the 2003 IEEE Symposium on Security and Privacy,Berkeley, p62, CA (2003) [10] Ghosh, A.K., Wanken, J., Charron, F., “Detecting anomalous and unknown intrusions against programs,” in Proceedings of the 14th Annual Computer Security Applications Conference, 1998.,pp. 259-267. [11] Iguchi, M., Goto, S., “Network surveillance for detecting intrusions,”Internet Workshop, 1999. IWS 99 ,pp 99-106. [12] Joseph, M. McAlerne and Stuart Staniford, James A. Hoagland, “Practical Automated Detection of Stealthy Portscans,” Silicon Defense Publications, http://downloads.securityfocus.com/library/spice-ccs2000.pdf
[13] K.M.C. Tan, K.S. Killourhy, R.A. Maxion, “Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits,” to appear at RAID 2002 Page(s) : 54-73, 16-18 Oct. 2002 [14] Koral Ilgun, Richard A. Kemmerer, and Phillip A. Porras, “State Transition Analysis: A Rule-Based Intrusion Detection Approach,”IEEE Transaction on Software Engineering, Page(s): 181-199, Vol.21, No.3, March 1995. [15] Phillip A. Porras, “Detecting Computer and Network Misuse Through the Production-Based Expert System Toolset (P-BEST)*,”in Proceedings of the 1999 IEEE Symposium on Security and Privacy, Oakland, California, MAY 9-12, 1999.Page(s): 146-161 [16] Rapaka, A., Novokhodko, A., Wunsch, D.,“Intrusion detection using radial basis function network on sequences of system calls,”in Proceedings of the International Joint Conference on Volume 3, 20-24 July 2003 Page(s):1820 - 1825 vol.3. [17] S. A. Hofmeyr , S. Forrest , and A. Somayaji, “Intrusion detection using sequences of system calls,” Journal of Computer Security , 6 ( 3 ) : 151-180 , 1998. [18] S. Forrest , S. A. Hofmeyr , and A. Somayaji, “A sense of self for unix processes,” in Proceedings of the 1996 IEEE Symposium on Research in Security and Privacy , Los Alamitos , CA , 1996. Page(s):120-128 [19] Snort Homepage. http://www.snort.org/
[20] STAT Homepage. http://www.cs.ucsb.edu/~rsg/STAT/
[21] T. Garfinkel, “Traps and pitfalls: Practical problems in system call interposition based security tools,” in Proceedings of Network and Distributed Systems Security Symposium, February 2003. Page(s):163-176 [22] Tal Garfinkel, Ben Pfaff, Mendel Rosenblum, “Ostia: A Delegating Architecture for Secure System Call Interposition,”in Proceedings of the Internet Society's 2004 Symposium on Network and Distributed System Security.Page(s):187-201 [23] Terrance Goan-PI, “ICE: Intelligent Correlation of Evidence for Intrusion Detection,” Technical Report #183, Stottler Henke Associate Inc. [24] Tsung-Yi Tsai, Kuang-Hung Cheng, Chi-Hung Chen, Wen-Nung Tsai, “An Intrusion Prevention System using Wrapper,”in in Proceedings of International Computer Symposium on 15-17 Dec 2004 page(s): 1218-1223 [25] Warrender, C., Forrest, S., Pearlmutter, B.,“Detecting intrusions using system calls: alternative data models,”in Proceedings of the 1999 IEEE Symposium on 9-12 May 1999 Page(s):133 – 145. [26] Yan Qiao, Xie Weixin,“A Network IDS with low false positive rate,”in Proceedings of the 2002 Congress on Volume 2, 12-17 May 2002 Page(s):1121 – 1126. [27] Yasin, M.M., Awan, A.A., “A study of host-based IDS using system calls,” Networking and Communication, 2004. INCC 204. International Conference on 11-13 June 2004 Page(s):36 – 41. [28] Zhang Yanchao , Que Xirong , Wang Wendong , Cheng Shiduan , “ An immunity-based model for network intrusion detection,” in Proceedings of ICII 2001 - Beijing . 2001 International Conferences , Volume : 5 , 2001 page ( s ) : 24-29 vol.5. [29] Zhao Junzhong, Huang Houkuan,“An evolving intrusion detection system based on natural immune system,”in Proceedings of 2002 IEEE Region 10 Conference on Computers, Communications, Control and Power Engineering Volume 1, 28-31 Oct. 2002 Page(s):129 - 132 vol.1. [30] Zhou-Jun Xu , Ji-Zhou Sun , Xiao-Jun Wu , “An immune genetic model in rule-based state action IDS,” Machine Learning and Cybernetics , 2003 International Conference on Volume 4 , 2-5 Nov . 2003 Page ( s ) : 2472-2475 Vol.4. [31] 李駿偉、田筱榮、黃世昆,入侵偵測分析方法評估與比較,Communications of the CCISA Vol. 8 No.2 March 2002. pp 21-37
|