|
[1] J. Hendler. “Introduction to the Special Issue: AI, Agents, and the Web,” Intelligent Systems, IEEE Intelligent Systems and Their Applications, p11 vol.11, Jan.-Feb. 2006 [2]林敬皇、陳威宇、姜忠志、陳建宏、鄭毓芹、賴溪松,”安全管理營運中心實現有效警訊整合與呈現攻擊事件之因果關聯圖”,TANET 2006, Nov,2006。 [3]D. Xu and P. Ning. “Alert Correlation through Triggering Events and Common Resources”. In Proceedings of the 20th Annual Computer Security Applications Conference(ACSAC’04), 2004. [4]X. Qin, and W. Lee. “Statistical Causality Analysis of INFOSEC Alert Data”. In Proceedings of the 6th International Sympsium on Recent Advances in Intrusion Detection (RAID2003), Pittsburgh, PA, Sept.2003 [5]S. Cheung, U. Lindqvist, and M. W. Fong. “Modeling Multistep Cyber Attacks for Scenario Recognition”. In Proceedings of the Third DARPA Information Survivability Conference and Exposition (DISCEX III), Washington, D.C, April 2003. [6]F. Cuppens and A. Miege. “Alert Correlation in a Cooperative Intrusion Detection Framework”. In Proceedings of the 2002 IEEE Symposium on Security and Privacy Oakland, CA, May 2002. [7]P. Ning, Y.Cui, and D.S. Reeves. “Constructing Attack Scenarios through Correlation of Intrusion Alerts”. In 9th ACM Conference on Computer and Communications Security, Nov 2002. [8]B. Morin and H. Debar. “An Application of Chronicles”. In Proceedings of the 6th International Symposium on Recent Advances in Intrusion Detection (RAID 2003), Pittsburgh, PA, Sept.2003 [9]P. A. Porras, M.W. Fong, and A. Valdes. “A Mission-Impact- Based approach to INFOSEC alarm correlation”. In Proceedings of the 5th International Symposium on Recent Advances in Intrusion Detection (RAID), October 2002. [10]R. P. Goldman, W. Heimerdinger, and S. A. Harp. “Information Modeling for Intrusion Report Aggregation”. In DARPA Information Survivability Conference and Exposition (DISCEX II), June 2001. [11]A. Valdes and K. Skinner. “Probabilistic alert correlation”. In Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection(RAID), Oct.2001. [12]F. Valeur, G. Vigna, C. Kruegel, and R. A. Kemmerer. “A comprehensive approach to intrusion detection alert correlation”, IEEE Transactions on dependable and secure computing Vol1 No3 July September 2004. [13]C. C. Lin, H.K Wong, and T.C. Wu. “Enhancing Interoperability of Security Operation Center to Heterogeneous Intrusion Detection Systems”. Security Technology, CCST’05 39th Annual 2005 International Carnahan Conference on 11-14, Oct. 2005. [14]S. K. Park, K. Y. Kim, J. S. Jang, and B. N. Noh. “Supporting interoperability to heterogeneous IDS in secure networking framework” Inf. Security Res. Div. , Electron.& Telecommun. Res. Inst., Taejeon, South Korea. [15] http://www.snort.org [16] http://sourceforge.net/projects/libpcap [17]M. Attig and J. Lockwood. “A Framework for Rule Processing in Reconfigurable Network Systems”, Field-Programmable Custom Computing Machines, 2005. FCCM 2005. 13th Annual IEEE Symposium, April 2005. [18]M. Christodorescu, and S. Jha. “Static Analysis of Executables to Detect Malicious Patterns” USENIX Security Symposium, 2003. [19]Y. S. Wu, B. Foo, Y. Mei, and S. Bagchi. “Collaborative intrusion detection system(CIDS): a framework for accurate and efficient IDS”, Computer Security Applications Conference, 2003. Proceedings. 19th Annual, Page(s):234-244, 2003. [20]A. T. Zhou, J. Blustein, and N. Zincir-Heywood. “Improving Intrusion Detection Systems through Heuristic Evaluation” Electrical and Computer Engineering, Canadian Conference on Volume 3, 2-5, Page(s):1641-1644, Vol.3, May 2004. [21] Suseela T. Sarasamma, Qiuming A. Zhu, and Julie Huff, ”Hierarchical Kohonenen Net for Anomaly Detection in Network Security,” IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS—PART b:CYBERNETICS, VOL. 35, 2, April, 2005 [22]D. Denning, “An intrusion-detection model” IEEE Trans. Software Eng. , Vol. SE-13, no.2, 99.222-232, Feb.1987 [23]Kuchimanchi G.K, Phoha V.V., Balagain K.S, Gaddam S.R, “Dimension reduction using feature extraction methods for real-time misuse detection systems” Information Assurance Workshop, 2004 Proceedings from the Fifth Annual IEEE SMC, 10-11 June 2004. [24]Subhadrabandhu. D, Sarkar.S, Anjum F, “A Framework for Misuse Detection in Ac Hoc Networks”, Part I: Selected Areas in Communications, IEEE Journal on, Vol.24, p274-289, Feb 2006. PartII:p290-304. [25] Lindgvist, U., Porras, P.A., “Detecting computer and network misuse through the production-based expert system toolset (P-BEST),” Security and Privacy, 1999. Proceedings of the 1999 IEEE Symposium on, 9-12 May 1999. [26] Ghosh. A.K, Wanken. J, Charron.F, “Detecting anomalous and unknown intrusions against programs,” Computer Security Applications Conference, 1998, Proceedings., 14th Annual, 7-11 Dec. 1998. [27] Chein-I Chang, Shao-Shan Chiang, “Anomaly detection and classification for hyperspectral imagery,” Geoscience and Remote Sensing, IEEE Transactions on p1314-1325 Vol.40, June 2002. [28] Wei Fan, Miller, M.,Stolfo,S.J, Wenke Lee, Chan, P.K, “Using artificial anomalies to detect unknown and known network intrusions,” Data Mining, 2001. ICDM 2001, Proceedings IEEE International Conference on, p123-130, 29 Nov.-2 Dec. 2001. [29] Jiong Zhang, Zulkemine M., “A Hybrid Network Intrusion Detection Technique Using Random Forests,” Availability, Reliability and Security, 2006. ARES 2006. The First International Conference, 20-22 Arpil 2006 [30] Gadaud, F., Blanc, M. ,Combeau, F., “An adaptive instrumented node for efficient anomalies and misuse detections in HPC environment,” Cluster Computing and the Grid, 2005. CCGrid 2005. IEEE International Symposium on, p140-145 Vol.1, 9-12 May2005 [31] Wei Fan, Miller, M.,Stolfo,S.J, Wenke Lee, Chan, P.K, “Using artificial anomalies to detect unknown and known network intrusions,” Data Mining, 2001. ICDM 2001, Proceedings IEEE International Conference on, p123-130, 29 Nov.-2 Dec. 2001 [32] 李駿偉、田筱榮、黃世昆,”入侵測測分析方法評估與比較,” Communications of the CCISA, Vol.8 No.2 March 2002. [33] Darren Mutz, Fredrik Valeur, Giovanni Vigna, Christopher Kruegel ,” Anomalous system call detection,” ACM Transactions on Information and System Security (TISSEC), Volume 9 Issue 1, February 2006 [34] C. C. Michael, Anup Ghosh, “Simple, state-based approaches to program-based anomaly detection,” ACM Transactions on Information and System Security (TISSEC), Volume 5 Issue 3, August 2002. [35] Vaccaro and G.E. Liepins. Detection of anomalous computer session activity. In Proceedings of the 1989 IEEE Syrup. on Sec. and Privacy. pg. 280-289, Oakland, CA 1-3 May, 1989. [36] Wu, H.C. Chang, F. Jou, F. Wang, F. Gong, C. Sargor, D. Au, R. Cleaveland. Ji Nao: Design and implementation of a scalable intrusion detection system for the OSPF routing protocol, www.anr.mcnc.org, 1999. [37] Zhou-Jun Xu, Ji-Zhou Sun, Xiao-Jun Wu, “An immune genetic model in rule-based state action IDS,” Machine Learning and Cybernetics, 2003 International Conference on, p2472-2475 Vol.4, 2-5 Nov. 2003. [38] Chao-Tung Yang, The Self-diagnosing Intrusion Detection System Mechanism [39] Karlton Sequeira, Mohammed Zaki, “Industry track papers: ADMIT: anomaly-based data mining for intrusions,” Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, July 2002 [40] Prabhaker Mateti, Port Scanning, CEG 499/699 Internet Security [41]U. Shankar and V. Paxson, “Active Mapping: Resisting NIDS Evasion Without Altering Traffic”, Proc. IEEE Symp. Security and Privacy, 2003.
|