A spatiotemporal event correlation approach to computer security
[1] Srinivasan Seshan,et al. Mercury: supporting scalable multi-attribute range queries , 2004, SIGCOMM 2004.
[2] Wenke Lee,et al. Statistical Causality Analysis of INFOSEC Alert Data , 2003, RAID.
[3] Cristina L. Abad,et al. Log correlation for intrusion detection: a proof of concept , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..
[4] Barak A. Pearlmutter,et al. Detecting intrusions using system calls: alternative data models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).
[5] Paul Ferguson,et al. Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing , 1998, RFC.
[6] Allen Gersho,et al. Vector quantization and signal compression , 1991, The Kluwer international series in engineering and computer science.
[7] Stefan Savage,et al. Inside the Slammer Worm , 2003, IEEE Secur. Priv..
[8] E. Forgy,et al. Cluster analysis of multivariate data : efficiency versus interpretability of classifications , 1965 .
[9] Peng Ning,et al. Constructing attack scenarios through correlation of intrusion alerts , 2002, CCS '02.
[10] Jiang Wu,et al. An Effective Architecture and Algorithm for Detecting Worms with Various Scan , 2004, NDSS.
[11] Jun Zhang,et al. Detection of Outbreaks from Time Series Data Using Wavelet Transform , 2003, AMIA.
[12] Salvatore J. Stolfo,et al. Surveillance detection in high bandwidth environments , 2003, Proceedings DARPA Information Survivability Conference and Exposition.
[13] Wei Hong,et al. TAG: a Tiny Aggregation Service for Ad-hoc Sensor Networks , 2022, Proceedings of the 5th Symposium on Operating Systems Design and Implementation.
[14] Martin Roesch,et al. Snort - Lightweight Intrusion Detection for Networks , 1999 .
[15] Heejo Lee,et al. On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets , 2001, SIGCOMM '01.
[16] Christophe Diot,et al. Diagnosing network-wide traffic anomalies , 2004, SIGCOMM.
[17] Craig Partridge,et al. Hash-based IP traceback , 2001, SIGCOMM.
[18] Thomas H. Wonnacott,et al. Introductory Statistics , 2007, Technometrics.
[19] Clay Shields,et al. Providing Process Origin Information to Aid in Network Traceback , 2002, USENIX Annual Technical Conference, General Track.
[20] Paul Barford,et al. A signal analysis of network traffic anomalies , 2002, IMW '02.
[21] Guy E. Blelloch,et al. Compact representations of separable graphs , 2003, SODA '03.
[22] John S. Heidemann,et al. A framework for classifying denial of service attacks , 2003, SIGCOMM '03.
[23] Eugene H. Spafford,et al. An architecture for intrusion detection using autonomous agents , 1998, Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217).
[24] Michalis Faloutsos,et al. On power-law relationships of the Internet topology , 1999, SIGCOMM '99.
[25] Peng Ning,et al. Analyzing Intensive Intrusion Alerts via Correlation , 2002, RAID.
[26] Rajeev Motwani,et al. The PageRank Citation Ranking : Bringing Order to the Web , 1999, WWW 1999.
[27] Andrew W. Moore,et al. Finding Underlying Connections: A Fast Graph-Based Method for Link Analysis and Collaboration Queries , 2003, ICML.
[28] David A. Wagner,et al. Mimicry attacks on host-based intrusion detection systems , 2002, CCS '02.
[29] Brian D. Carrier,et al. The session token protocol for forensics and traceback , 2004, TSEC.
[30] Steve Chien,et al. A First Look at Peer-to-Peer Worms: Threats and Defenses , 2005, IPTPS.
[31] Christos Gkantsidis,et al. Spectral analysis of Internet topologies , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).
[32] Stuart Barber,et al. All of Statistics: a Concise Course in Statistical Inference , 2005 .
[33] Craig A. N. Soules,et al. Storage-based Intrusion Detection: Watching Storage Activity for Suspicious Behavior , 2003, USENIX Security Symposium.
[34] Frédéric Cuppens,et al. Alert correlation in a cooperative intrusion detection framework , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[35] David Moore,et al. Internet quarantine: requirements for containing self-propagating code , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).
[36] Samuel T. King,et al. Enriching Intrusion Alerts Through Multi-Host Causality , 2005, NDSS.
[37] Steven M. Bellovin,et al. ICMP Traceback Messages , 2003 .
[38] Helen J. Wang,et al. Automatic Misconfiguration Troubleshooting with PeerPressure , 2004, OSDI.
[39] Dawn Xiaodong Song,et al. Detection of Interactive Stepping Stones: Algorithms and Confidence Bounds , 2004, RAID.
[40] Michael K. Reiter,et al. A secure distributed search system , 2002, Proceedings 11th IEEE International Symposium on High Performance Distributed Computing.
[41] Andrew W. Moore,et al. K-means and Hierarchical Clustering , 2004 .
[42] Michael K. Reiter,et al. Protecting Privacy in Key-Value Search Systems , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).
[43] Udo W. Pooch,et al. Cooperating security managers: a peer-based intrusion detection system , 1996, IEEE Netw..
[44] Steven R. Snapp,et al. The DIDS (Distributed Intrusion Detection System) Prototype , 1992, USENIX Summer.
[45] L. A. BREYER,et al. MARKOVIAN PAGE RANKING DISTRIBUTIONS: SOME THEORY AND SIMULATIONS , 2002 .
[46] I. T. Jolliffe,et al. Generalizations and Adaptations of Principal Component Analysis , 1986 .
[47] Jon Crowcroft,et al. Honeycomb , 2004, Comput. Commun. Rev..
[48] David A. Maltz,et al. Toward a Framework for Internet Forensic Analysis , 2004 .
[49] Jintao Xiong,et al. ACT: attachment chain tracing scheme for email virus detection and control , 2004, WORM '04.
[50] Bruce Schneier,et al. Cryptographic Support for Secure Logs on Untrusted Machines , 1998, USENIX Security Symposium.
[51] Bill Cheswick,et al. Tracing Anonymous Packets to Their Approximate Source , 2000, LISA.
[52] K. V. Bury,et al. On Probabilistic Design , 1974 .
[53] Matthew Richardson,et al. Mining knowledge-sharing sites for viral marketing , 2002, KDD.
[54] David F. Gleich,et al. Fast Parallel PageRank: A Linear System Approach , 2004 .
[55] Marc Dacier,et al. Towards a taxonomy of intrusion-detection systems , 1999, Comput. Networks.
[56] Elizabeth R. Jessup,et al. Matrices, Vector Spaces, and Information Retrieval , 1999, SIAM Rev..
[57] Hari Balakrishnan,et al. Fast portscan detection using sequential hypothesis testing , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.
[58] H. Deutsch. Principle Component Analysis , 2004 .
[59] Dennis J. Turner,et al. Symantec Internet Security Threat Report Trends for July 04-December 04 , 2005 .
[60] Douglas S. Reeves,et al. Robust correlation of encrypted attack traffic through stepping stones by manipulation of interpacket delays , 2003, CCS '03.
[61] Vern Paxson,et al. How to Own the Internet in Your Spare Time , 2002, USENIX Security Symposium.
[62] Jun Li,et al. Large-scale IP traceback in high-speed Internet: practical techniques and theoretical foundation , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.
[63] Anup K. Ghosh,et al. A Study in Using Neural Networks for Anomaly and Misuse Detection , 1999, USENIX Security Symposium.
[64] Biswanath Mukherjee,et al. A network security monitor , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.
[65] Samuel T. King,et al. Backtracking intrusions , 2003, SOSP '03.
[66] Daniel R. Ellis,et al. A behavioral approach to worm detection , 2004, WORM '04.
[67] Leslie Lamport,et al. Time, clocks, and the ordering of events in a distributed system , 1978, CACM.
[68] Arthur B. Maccabe,et al. The architecture of a network level intrusion detection system , 1990 .
[69] Stefan Savage,et al. Inferring Internet denial-of-service activity , 2001, TOCS.
[70] Bruce Schneier,et al. Attack Trends: 2004 and 2005 , 2005, ACM Queue.
[71] Guofei Gu,et al. HoneyStat: Local Worm Detection Using Honeypots , 2004, RAID.
[72] Salvatore J. Stolfo,et al. A framework for constructing features and models for intrusion detection systems , 2000, TSEC.
[73] Michael K. Reiter,et al. Seurat: A Pointillist Approach to Anomaly Detection , 2004, RAID.
[74] Stuart Staniford-Chen,et al. Holding intruders accountable on the Internet , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.
[75] Karl N. Levitt,et al. The Design of GrIDS: A Graph-Based Intrusion Detection System , 2007 .
[76] Alfonso Valdes,et al. Probabilistic Alert Correlation , 2001, Recent Advances in Intrusion Detection.
[77] Donald F. Towsley,et al. Locating network monitors: complexity, heuristics, and coverage , 2005, INFOCOM.
[78] Konstantin Avrachenkov,et al. Monte Carlo Methods in PageRank Computation: When One Iteration is Sufficient , 2007, SIAM J. Numer. Anal..
[79] Alfonso Valdes,et al. A Mission-Impact-Based Approach to INFOSEC Alarm Correlation , 2002, RAID.
[80] Jianbo Shi,et al. A Random Walks View of Spectral Segmentation , 2001, AISTATS.
[81] Peter G. Neumann,et al. EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances , 1997, CCS 2002.
[82] Srinivasan Seshan,et al. Mercury: supporting scalable multi-attribute range queries , 2004, SIGCOMM '04.
[83] Fan Chung,et al. Spectral Graph Theory , 1996 .
[84] Barbara Gengler. Reports: Trusted Computing Platform Alliance , 2001 .
[85] Dawn Xiaodong Song,et al. Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.
[86] Petra Perner,et al. Data Mining - Concepts and Techniques , 2002, Künstliche Intell..
[87] Andrei Z. Broder,et al. Efficient pagerank approximation via graph aggregation , 2004, WWW Alt. '04.
[88] Anna R. Karlin,et al. Practical network support for IP traceback , 2000, SIGCOMM.
[89] Hervé Debar,et al. M2D2: A Formal Data Model for IDS Alert Correlation , 2002, RAID.
[90] Vern Paxson,et al. Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.
[91] Helen J. Wang,et al. Friends Troubleshooting Network: Towards Privacy-Preserving, Automatic Troubleshooting , 2004, IPTPS.
[92] Jiawei Han,et al. Data Mining: Concepts and Techniques , 2000 .
[93] Taher H. Haveliwala. Efficient Computation of PageRank , 1999 .
[94] Vern Paxson,et al. Multiscale Stepping-Stone Detection: Detecting Pairs of Jittered Interactive Streams by Exploiting Maximum Tolerable Delay , 2002, RAID.
[95] B. Karp,et al. Autograph: Toward Automated, Distributed Worm Signature Detection , 2004, USENIX Security Symposium.
[96] Sushil Jajodia,et al. Correlating intrusion events and building attack scenarios through attack graph distances , 2004, 20th Annual Computer Security Applications Conference.
[97] David A. Maltz,et al. Worm origin identification using random moonwalks , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).
[98] Hervé Debar,et al. Aggregation and Correlation of Intrusion-Detection Alerts , 2001, Recent Advances in Intrusion Detection.
[99] Stuart E. Schechter,et al. Fast Detection of Scanning Worm Infections , 2004, RAID.
[100] Eugene H. Spafford,et al. The design and implementation of tripwire: a file system integrity checker , 1994, CCS '94.
[101] Srinivasan Seshan,et al. Synopsis diffusion for robust aggregation in sensor networks , 2004, SenSys '04.
[102] Yin Zhang,et al. Detecting Stepping Stones , 2000, USENIX Security Symposium.
[103] Dan Andersson,et al. Heterogeneous Sensor Correlation: A Case Study of Live Traffic Analysis , 2001 .