|
[1] R. Baumann and C. Plattner. Honeypots. Diploma Thesis in Computer Science, Feb. 2002. [2] J.S. Balasubramaniyan, J.O. Garcia-Fernandez, D. Isacoff, E. Spafford and D. Zamboni. An Architecture for Intrusion Detection using Autonomous Agents. CERIAS Technical Report 98/05, Jun. 11, 1998. [3] S.M. Bellovin. Security Problems in the TCP/IP Protocol Suite. Reprinted from Computer Communication Review. vol.19, pp. 32-48, Apr. 1989. [4] M.C. Bernardes and E.S. Moreira. Implementation of an Intrusion Detection System Based on Mobile Agents. IEEE International Symposium on Software Engineering for Parallel and Distributed Systems, Jun. 2000. [5] D. Burroughs, L. Wilson and G. Cybenko. Analysis of Distributed Intrusion Detection Systems Using Bayesian Methods. In Proceedings of IEEE International Performance Computing and Communications Conference, Apr. 2002. [6] M. Bykova, S. Ostermann and B. Tjaden. Detecting Network Intrusions via a Statistical Analysis of Network Packet Characteristics. 33rd Southeastern Symposium on System Theory (SSST 2001), Ohio University, Mar. 18-20, 2001. [7] M. Bykova and S. Ostermann. Statistical Analysis of Malformed Packets and Their Origins in the Modern Internet. 2nd Internet Measurement Workshop (IMW 2002), Nov. 2002. [8] C.J. Coit, S. Staniford and J. McAlerney. Towards faster string matching for intrusion detection or exceeding the speed of Snort. In Proceedings of DARPA Information Survivability Conference and Exposition II pp:367-373, 2001. [9] M. Crosbie and G. Spafford. Defending a Computer System using Autonomous Agents. TR No.95-022, Mar. 1994. [10] S. Dietrich, N. Long and D. Dittrich. Analyzing Distributed Denial of Service Tools: The Shaft Case. In Proceedings of the 14th Systems Administration Conference(LISA 2000), Dec. 3-8, 2000. [11] S. Egorov and G. Savchuk. SNORTRAN: An Optimizing Compiler for Snort Rules. Fidelis Security Systems, Inc. 2002. [12] W.M. Farmer, J.D. Guttman and V. Swarup. Security for Mobile Agents: Issues and Requirements. In Proceedings of the 19th National Information Systems Security Conference, pp: 591-597, 1996. [13] R. Gopalakrishna and E.H. Spafford. A Framework for Distributed Intrusion Detection using Interest Driven Cooperating Agent. Paper for Qualifier II examination, Department of Computer Sciences, Purdue University, May. 2001. [14] R.S. Gray, G. Cybenko, D. Kotz, R.A. Peterson and D. Rus. D'Agents: Applications and performance of a mobile-agent system. Software: Practice and Exper. Vol.32, pp:543-573, 2002. [15] W. Jansen, P. Mell, T. Karygiannis and D. Marks. Applying Mobile Agents to Intrusion Detection and Response. NIST IR-6416, Oct0. 1999. [16] C. Krugel and T. Toth. Applying Mobile Agent Technology to Intrusion Detection. In 10th IEEE Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, IEEE Computer Society Press, USA, Jun. 2001. [17] R.A. Kemmerer and G. Vigna. Intrusion Detection: A Brief History and Overview. IEEE Computer Special Issue on Security and Privacy, pp:27-30, Apr. 2002. [18] J. Levine, R. LaBella, H. Owen, D. Contis and B. Culver. The Use of Honeypots to Detect Exploited Systems Across Lagre Enterprise Networks. In Proceedings of the 2003 IEEE Workshop on Information Assurance, Jun. 2003. [19] U. Lindqvist and P.A. Porras. Detecting Computer and Network Misuse Through the Production-Based Expert System Toolset (P-BEST). In Proceedings of the 1999 IEEE Symposium on Security and Privacy, pp:146-161, May. 1999. [20] C. McNab. Network Security Assessment Chapter 4: IP Network Scanning. O’Reilly, Mar. 2004. [21] P. Mell, D. Marks and M. McLarnon. A denial-of-service resistant intrusion detection architecture. Computer Networks, vol.34, pp:641-658, 2000. [22] J. Mirkovic, J. Martin and P. Reiher. A Taxonomy of DDoS Attacks and DDoS Defense Mechanism. UCLA CSD Technical Report CSD-TR-020018, 2001. [23] S. Moore, G. Voelker and S. Savage. Inferring Internet Denial of Service Activity. In Proc. Usenix Security Symposium 2001. [24] S. Patton, W. Yurcik and D. Doss. An Achilles’in Signature-Based IDS: Squealing False in SNORT. Fourth International Symposium on Recent Advances in Intrusion Detection (RAID 2001). [25] N. Provos. Honeyd: A Virtual Honeypot Daemon(Extended Abstract). 10th DFN-CERT Workshop, Hamburg, Germany, Feb. 2003. [26] M. Roesch. Snort—Lightweight Intrusion Detection for Network. In Proceedings of LISA 1999:13th System Administration Conference, Nov. 7-12, 1999. [27] C.L. Schuba, I.V. Krsul, M.G. Kuhn, E.H. Spafford, A. Sundaram and D. Zamboni. Analysis of a Denial of Service Attack on TCPProceedings of the 1997 IEEE Symposium Security and Privacy.[28] B. Scottberg, W.Yurcik and D. Doss. Internet Honeypots: Protection or Entrapment. IEEE International Symposium on Technology and Society (ISTAS), Raleigh, NC USA, Jun. 2002. [29] S.R. Snapp, J. Brentano, G.V. Dias, T.L. Goan, L.T. Heberlein, C.L. Ho, K.N. Levitt, B. Mukherjee, S.E. Smaha, T. Grance, D.M. Teal and D. Mansur. DIDS(Distributed Intrusion Detection System) — Motivation, Architecture, and An Early Prototype. In Proceedings of the 14th National Computer Security Conference, 1991. [30] S.R. Snapp, J.Brentano, G.V. Dias, T.L. Goan, T. Grance, L.T. Heberlein, C.L. Ho, K.N. Levitt, B. Mukherjee, D.L. Mansur, K.L. Pon and S.E. Smaha. A system for Distributed Intrusion Detection. In COMPCOM Spring '91 Digest of Papers, pp:170-176, Feb/Mar. 1991. [31] E.H. Spafford and D. Zamboni. Intrusion detection using autonomous agents. Computer Network, vol 34, pp547-570, Oct, 2000. [32] E.H. Spafford and D. Zamboni. A framework and prototype for a distributed intrusion detection system. COAST TR 98/06, Jun. 26, 1998. [33] N. Weiler. Honeypots for Distributed Denial of Service Attacks. In Proceedings of IEEE WET ICE Workshop on Enterprise Security 2002, Pitsburgh, USA, Jun. 2002. [34] D. Zamboni and M. Tripunitara. AAFID2 Users Guide. Sep. 7, 1999. [35] R. Zhang, D. Qian, C. Bao, W. Wu and X. Guo. Multi-agent Based Intrusion Detection Architecture. Proceedings of ICCNMC01, Oct. 2001. [36] 尤培麟譯. Linux駭客現形─Linux安全之秘辛與解決方案初版. 麥格羅‧希爾國際出版公司, 2001. [37] O. Arkin. ICMP Usage in Scanning Version 2.5 Chapter 3. http://www.sys-security. com/archive/papers/ICMP_Scanning_v2.5.pdf. Dec. 2000. [38] CERT Advisory CA-2002-23:Multiple Vulnerabilities In OpenSSL. http://www. cert.org/advisories/CA-2002-27.html. [39] N. Desai. Increasing Performance in High Speed NIDS. http://www.cis.udel.edu /~zhi/www.docshow.net/ids/Increasing_Performance_in_High_Speed_NIDS.pdf. [40] F-Secure Virus Description : Slapper. http://www.f-secure.com/v-descs/slapper. shtml. [41] J.Gelinas. The Omega Distributed Denial of Service Tool. http://packetstormsecur ity.org/distributed/omegav3.tgz. [42] Honeyd. http://www.citi.umich.edu/u/provos/honeyd/. [43] A. K. Jones and R. S. Sielken. Computer System Intrusion Detection: A Survey.http://www.cs.Virginia.edu/~jones/IDS-research/Documents/jones-sielken-survey-v11.pdf. [44] S. Joseph. Why Autonomy Makes the Agent. http://citeseer.nj.nec.com/ joseph01 why.html. [45] Know your Enemy: Honeynets. http://project.honeynet.org/. [46] L.Spitzner. Honeypots: Definitions and Value of Honeypots. http://www.enteract. com/~lspitz/honeypot.html. [47] L. Spitzner. To Build a Honeypot. http://www.spitzner.net/honeypot.html. [48] L. Spitzner. Open Source Honeypots, Part Two : Deploying Honeyd in the Wild. http://www.securityfocus.com/infocus/1675, Mar 12, 2003. [49] L. Spitzner. Open Source Honeypots: Learning with Honeyd. http://www.securityfocus.com/infocus/1659, Jan. 20, 2003. [50] Vulnerability Note VU#102795. http://www.kb.cert.org/vuls/id/102795. [51] J. Werrett. Implementing and testing an Intrusion Detection Honeypot. http://www.csse.uwa.edu.au/~werrej01/docs/honeypot.pdf, Jun. 2, 2003.
|