Securing computer networks: access control management and attack source identification
暂无分享,去创建一个
[1] George Varghese,et al. Fast and scalable layer four switching , 1998, SIGCOMM '98.
[2] Radia J. Perlman,et al. Network security - private communication in a public world , 2002, Prentice Hall series in computer networking and distributed systems.
[3] John Wack,et al. Guidelines on Firewalls and Firewall Policy , 2002 .
[4] David G. Andersen,et al. Proceedings of Usits '03: 4th Usenix Symposium on Internet Technologies and Systems Mayday: Distributed Filtering for Internet Services , 2022 .
[5] Avishai Wool,et al. Firmato: A novel firewall management toolkit , 2004, TOCS.
[6] Angelos D. Keromytis,et al. Using graphic turing tests to counter automated DDoS attacks against web servers , 2003, CCS '03.
[7] Unrecognized. BGP Stability Improvements , 2007 .
[8] Pankaj Gupta,et al. Algorithms for routing lookups and packet classification , 2000 .
[9] Robert Stone,et al. CenterTrack: An IP Overlay Network for Tracking DoS Floods , 2000, USENIX Security Symposium.
[10] Eric Torng,et al. Firewall Compressor: An Algorithm for Minimizing Firewall Policies , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.
[11] Mohamed G. Gouda,et al. Diverse Firewall Design , 2004, IEEE Transactions on Parallel and Distributed Systems.
[12] Michael K. Reiter,et al. Defending against denial-of-service attacks with puzzle auctions , 2003, 2003 Symposium on Security and Privacy, 2003..
[13] Dawn Xiaodong Song,et al. New Streaming Algorithms for Fast Detection of Superspreaders , 2005, NDSS.
[14] Yao Zhao,et al. Detecting Stealthy Spreaders Using Online Outdegree Histograms , 2007, 2007 Fifteenth IEEE International Workshop on Quality of Service.
[15] Nick McKeown,et al. Packet classification on multiple fields , 1999, SIGCOMM '99.
[16] John Langford,et al. CAPTCHA: Using Hard AI Problems for Security , 2003, EUROCRYPT.
[17] Anna R. Karlin,et al. Practical network support for IP traceback , 2000, SIGCOMM.
[18] Ehab Al-Shaer,et al. Discovery of policy anomalies in distributed firewalls , 2004, IEEE INFOCOM 2004.
[19] Carsten Lund,et al. Online identification of hierarchical heavy hitters: algorithms, evaluation, and applications , 2004, IMC '04.
[20] Kyu-Young Whang,et al. A linear-time probabilistic counting algorithm for database applications , 1990, TODS.
[21] Ramesh Govindan,et al. BGP Route Flap Damping , 1998, RFC.
[22] Yakov Rekhter,et al. A Border Gateway Protocol 4 (BGP-4) , 1994, RFC.
[23] B. Schneier. SIMS: Solution, or Part of the Problem? , 2004, IEEE Secur. Priv..
[24] Kang G. Shin,et al. SYN-dog: sniffing SYN flooding sources , 2002, Proceedings 22nd International Conference on Distributed Computing Systems.
[25] David Plonka,et al. FlowScan: A Network Traffic Flow Reporting and Visualization Tool , 2000, LISA.
[26] Heejo Lee,et al. On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets , 2001, SIGCOMM '01.
[27] T. V. Lakshman,et al. High-speed policy-based packet forwarding using efficient multi-dimensional range matching , 1998, SIGCOMM '98.
[28] Yu Chen,et al. Cascade of Distributed and Cooperating Firewalls in a Secure Data Network , 2003, IEEE Trans. Knowl. Data Eng..
[29] Ehab Al-Shaer,et al. On Dynamic Optimization of Packet Matching in High-Speed Firewalls , 2006, IEEE Journal on Selected Areas in Communications.
[30] Marcus J. Ranum,et al. Web Security Sourcebook , 1997 .
[31] Ehab Al-Shaer,et al. Using Online Traffic Statistical Matching for Optimizing Packet Filtering Performance , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.
[32] Paul Ferguson,et al. Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing , 1998, RFC.
[33] A. Kumar,et al. Space-code bloom filter for efficient per-flow traffic measurement , 2004, IEEE INFOCOM 2004.
[34] Burton H. Bloom,et al. Space/time trade-offs in hash coding with allowable errors , 1970, CACM.
[35] George Varghese,et al. New directions in traffic measurement and accounting , 2002, CCRV.
[36] Craig Partridge,et al. Hash-based IP traceback , 2001, SIGCOMM.
[37] Avishai Wool,et al. The use and usability of direction-based filtering in firewalls , 2004, Comput. Secur..
[38] Mohamed G. Gouda,et al. Firewall design: consistency, completeness, and compactness , 2004, 24th International Conference on Distributed Computing Systems, 2004. Proceedings..
[39] Michalis Faloutsos,et al. On power-law relationships of the Internet topology , 1999, SIGCOMM '99.
[40] J.J. Garcia-Luna-Aceves,et al. Securing the border gateway routing protocol , 1996, Proceedings of GLOBECOM'96. 1996 IEEE Global Telecommunications Conference.
[41] Avishai Wool,et al. A quantitative study of firewall configuration errors , 2004, Computer.
[42] Alex C. Snoeren,et al. Hash-based IP traceback , 2001, SIGCOMM '01.
[43] Andrei Broder,et al. Network Applications of Bloom Filters: A Survey , 2004, Internet Math..
[44] Dawn Xiaodong Song,et al. StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing Defense , 2006, IEEE Journal on Selected Areas in Communications.
[45] Balachander Krishnamurthy,et al. Sketch-based change detection: methods, evaluation, and applications , 2003, IMC '03.
[46] Guru M. Parulkar,et al. Detecting and resolving packet filter conflicts , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).
[47] Charles Lynn,et al. Secure Border Gateway Protocol (Secure-BGP) , 2000 .
[48] Ratul Mahajan,et al. Controlling high bandwidth aggregates in the network , 2002, CCRV.
[49] Dawn Xiaodong Song,et al. FIT: fast Internet traceback , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..
[50] Jun Xu,et al. Sustaining Availability of Web Services under Distributed Denial of Service Attacks , 2003, IEEE Trans. Computers.
[51] Adam Stubblefield,et al. Using Client Puzzles to Protect TLS , 2001, USENIX Security Symposium.
[52] Martin Roesch,et al. Snort - Lightweight Intrusion Detection for Networks , 1999 .
[53] Steven M. Bellovin,et al. ICMP Traceback Messages , 2003 .
[54] Nick McKeown,et al. Algorithms for packet classification , 2001, IEEE Netw..
[55] Mohamed G. Gouda,et al. Removing Redundancy from Packet Classifiers , 2004 .
[56] Robert N. Smith,et al. Firewall placement in a large network topology , 1997, Proceedings of the Sixth IEEE Computer Society Workshop on Future Trends of Distributed Computing Systems.
[57] Abhishek Kumar,et al. Detection of Super Sources and Destinations in High-Speed Networks: Algorithms, Analysis and Evaluation , 2006, IEEE Journal on Selected Areas in Communications.
[58] Anat Bremler-Barr,et al. Spoofing prevention method , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..
[59] George Varghese,et al. Bitmap algorithms for counting active flows on high speed links , 2003, IMC '03.
[60] Angelos D. Keromytis,et al. SOS: secure overlay services , 2002, SIGCOMM '02.
[61] Stuart Staniford-Chen,et al. Practical Automated Detection of Stealthy Portscans , 2002, J. Comput. Secur..
[62] Abhishek Kumar,et al. Data streaming algorithms for efficient and accurate estimation of flow size distribution , 2004, SIGMETRICS '04/Performance '04.
[63] Dawn Xiaodong Song,et al. Pi: a path identification mechanism to defend against DDoS attacks , 2003, 2003 Symposium on Security and Privacy, 2003..
[64] Pekka Nikander,et al. DOS-Resistant Authentication with Client Puzzles , 2000, Security Protocols Workshop.