An Overview of IP Flow-Based Intrusion Detection
Aiko Pras | Ramin Sadre | Burkhard Stiller | Anna Sperotto | Cristian Morariu | Gregor Schaffrath
[1] George Varghese, et al. New directions in traffic measurement and accounting: Focusing on the elephants, ignoring the mice, 2003, TOCS.
[2] Simon Leinen. Evaluation of Candidate Protocols for IP Flow Information Export (IPFIX), 2004, RFC.
[3] Jennifer C. Hou, et al. An In-Depth, Analytical Study of Sampling Techniques for Self-Similar Internet Traffic, 2005, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).
[4] B. Plattner, et al. A framework for real-time worm attack detection and backbone monitoring, 2005, First IEEE International Workshop on Critical Infrastructure Protection (IWCIP'05).
[5] Reinhard German, et al. Flow-based Worm Detection using Correlated Honeypot Logs, 2011.
[6] Benoit Claise, et al. Packet Sampling for Flow Accounting: Challenges and Limitations, 2008, PAM.
[7] Joseph B. Kadane, et al. Scan Detection on Very Large Networks Using Logistic Regression Modeling, 2006, 11th IEEE Symposium on Computers and Communications (ISCC'06).
[8] Burkhard Stiller, et al. Conceptual Integration of Flow-Based and Packet-Based Network Intrusion Detection, 2008, AIMS.
[9] Yan Gao, et al. A DoS Resilient Flow-level Intrusion Detection Approach for High-speed Networks, 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).
[10] Brian Rexroad, et al. Wide-Scale Botnet Detection and Characterization, 2007, HotBots.
[11] Bernhard Plattner, et al. Experiences with worm propagation simulations, 2003, WORM '03.
[12] Carsten Lund, et al. Learn more, sample less: control of volume and variance in network measurement, 2005, IEEE Transactions on Information Theory.
[13] Stefan Savage, et al. Inside the Slammer Worm, 2003, IEEE Secur. Priv.
[14] Robert K. Cunningham, et al. A taxonomy of computer worms, 2003, WORM '03.
[15] Wenke Lee, et al. Botnet Detection: Countering the Largest Security Threat, 2010, Botnet Detection.
[16] Nick Feamster, et al. Understanding the network-level behavior of spammers, 2006, SIGCOMM.
[17] Chen Ming, et al. Flow-based anti-spam, 2004, 2004 IEEE International Workshop on IP Operations and Management.
[18] Yu Lin, et al. Easily-Implemented Adaptive Packet Sampling for High Speed Networks Flow Measurement, 2006, International Conference on Computational Science.
[19] Benoit Claise, et al. Cisco Systems NetFlow Services Export Version 9, 2004, RFC.
[20] Karl N. Levitt, et al. GrIDS A Graph-Based Intrusion Detection System for Large Networks, 1996.
[21] Konstantina Papagiannaki, et al. Structural analysis of network traffic flows, 2004, SIGMETRICS '04/Performance '04.
[22] Benoit Claise, et al. Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information, 2008, RFC.
[23] Guofei Gu, et al. BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection, 2008, USENIX Security Symposium.
[24] Abhishek Kumar, et al. Detection of Super Sources and Destinations in High-Speed Networks: Algorithms, Analysis and Evaluation, 2006, IEEE Journal on Selected Areas in Communications.
[25] Minsoo Lee, et al. An Approach for Classifying Internet Worms Based on Temporal Behaviors and Packet Flows, 2007, ICIC.
[26] Bernhard Plattner, et al. Host behaviour based early detection of worm outbreaks in Internet backbones, 2005, 14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05).
[27] Jürgen Quittek, et al. Requirements for IP Flow Information Export (IPFIX), 2004, RFC.
[28] Stefan Axelsson, et al. Intrusion Detection Systems: A Survey and Taxonomy, 2002.
[29] Pele Li, et al. A survey of internet worm detection and containment, 2008, IEEE Communications Surveys & Tutorials.
[30] Moses Garuba, et al. Intrusion Techniques: Comparative Study of Network Intrusion Detection Systems, 2008, Fifth International Conference on Information Technology: New Generations (itng 2008).
[31] John D. Howard, et al. An analysis of security incidents on the Internet 1989-1995, 1998.
[32] W. Timothy Strayer, et al. Botnet Detection Based on Network Behavior, 2008, Botnet Detection.
[33] Anja Feldmann, et al. Operational experiences with high-volume network intrusion detection, 2004, CCS '04.
[34] Christophe Diot, et al. Diagnosing network-wide traffic anomalies, 2004.
[35] Georg Carle, et al. Real-time Analysis of Flow Data for Network Attack Detection, 2007, 2007 10th IFIP/IEEE International Symposium on Integrated Network Management.
[36] Benjamin Morin, et al. Intrusion detection and virology: an analysis of differences, similarities and complementariness, 2007, Journal in Computer Virology.
[37] Noga Alon, et al. Estimating arbitrary subset sums with few probes, 2005, PODS '05.
[38] Mark Crovella, et al. Diagnosing network-wide traffic anomalies, 2004, SIGCOMM '04.
[39] Bernhard Plattner, et al. Entropy based worm and anomaly detection in fast IP networks, 2005, 14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05).
[40] Marc Dacier, et al. A revised taxonomy for intrusion-detection systems, 2000, Ann. des Télécommunications.
[41] Tarik Taleb, et al. Combating Against Attacks on Encrypted Protocols, 2007, 2007 IEEE International Conference on Communications.
[42] Michael K. Reiter, et al. Hit-List Worm Detection and Bot Identification in Large Networks Using Protocol Graphs, 2007, RAID.
[43] Ming Gao, et al. Efficient packet matching for gigabit network intrusion detection using TCAMs, 2006, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06).
[44] James Won-Ki Hong, et al. A flow-based method for abnormal network traffic detection, 2004, 2004 IEEE/IFIP Network Operations and Management Symposium (IEEE Cat. No.04CH37507).
[45] W. Timothy Strayer, et al. Using Machine Learning Techniques to Identify Botnet Traffic, 2006.
[46] Sang Joon Kim, et al. A Mathematical Theory of Communication, 2006.
[47] Martin May, et al. Impact of packet sampling on anomaly detection metrics, 2006, IMC '06.
[48] Vern Paxson, et al. Bro: a system for detecting network intruders in real-time, 1998, Comput. Networks.
[49] Mark Crovella, et al. Mining anomalies using traffic feature distributions, 2005, SIGCOMM '05.
[50] 송왕철, et al. IDS(Intrusion Detection System), 2000.
[51] Ray Hunt, et al. A taxonomy of network and computer attacks, 2005, Comput. Secur.
[52] Biswanath Mukherjee, et al. A network security monitor, 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.
[53] Zhixiong Chen, et al. Adaptive Network Flow Clustering, 2007, 2007 IEEE International Conference on Networking, Sensing and Control.
[54] Ruby B. Lee, et al. Distributed Denial of Service: Taxonomies of Attacks, Tools, and Countermeasures, 2004, PDCS.
[55] Ali Movaghar-Rahimabadi, et al. Intrusion Detection: A Survey, 2008, 2008 Third International Conference on Systems and Networks Communications.
[56] Stefan Savage, et al. Inferring Internet denial-of-service activity, 2001, TOCS.
[57] Tarik Taleb, et al. Tracing back attacks against encrypted protocols, 2007, IWCMC.
[58] Mark Crovella, et al. Characterization of network-wide anomalies in traffic flows, 2004, IMC '04.
[59] Marc Dacier, et al. Towards a taxonomy of intrusion-detection systems, 1999, Comput. Networks.
[60] Hui Li, et al. A Parallel Intrusion Detection System for High-Speed Networks, 2004, ACNS.
[61] Hervé Debar, et al. Intrusion Detection: Introduction to Intrusion Detection and Security Information Management, 2005, FOSAD.
[62] Magnus Almgren, et al. Consolidation and Evaluation of IDS Taxonomies, 2003.
[63] Carsten Lund, et al. Flow sampling under hard resource constraints, 2004, SIGMETRICS '04/Performance '04.
[64] Jean-Yves Le Boudec, et al. A Two-Layered Anomaly Detection Technique Based on Multi-modal Flow Behavior Models, 2008, PAM.
[65] Guofei Gu, et al. A Taxonomy of Botnet Structures, 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).
[66] Hui Zang, et al. Is sampled data sufficient for anomaly detection?, 2006, IMC '06.
[67] Harold Joseph Highland, et al. AIN'T misbehaving—A taxonomy of anti-intrusion techniques, 1995.
[68] Yan Chen, et al. Botnet Research Survey, 2008, 2008 32nd Annual IEEE International Computer Software and Applications Conference.
[69] Aiko Pras, et al. Anomaly Characterization in Flow-Based Traffic Time Series, 2008, IPOM.
[70] Donald F. Towsley, et al. Code red worm propagation modeling and analysis, 2002, CCS '02.
[71] Ronald D. Williams, et al. Taxonomies of attacks and vulnerabilities in computer systems, 2008, IEEE Communications Surveys & Tutorials.
[72] Eduardo Magaña, et al. Sampling time-dependent parameters in high-speed network monitoring, 2006, PM2HW2N '06.
[73] Yan Chen, et al. Towards a High-speed Router-based Anomaly/Intrusion Detection System, 2005.
[74] Aiko Pras, et al. Finding Elephant flows for optical networks, 2007, 2007 10th IFIP/IEEE International Symposium on Integrated Network Management.