參考文獻 |
〔1〕Dorothy E. Denning, Information Warfare and Security, Addsion Wesley, 1999.
〔2〕Stephen Northcutt, et al., Inside Network Perimeter Security, New Riders Press, 2003.
〔3〕Ed Skoudis and Lenny Zeltser, Malware – Fighting Malicious Code, Prentice Hall PTR, 2003.
〔4〕Bruce Schneier. “Attack Trends: 2004 and 2005”. ACM Queue, Vol.3, Iss.5; p.52-53, June, 2005.
〔5〕Y. Zhang, V. Paxson, “Detecting Backdoors,” 9th USENIX Security Symposium, August 2000.
〔6〕Moheeb Abu Rajab, et al., “A Multifaceted Approach to Understanding the Botnet Phenomenon,” 6th ACM SIGCOMM on Internet Measurement, 2006.
〔7〕David Dagon, Cliff Zou, Wenke Lee., “Modeling Botnet Propagation Using Time Zones,” 13th Annual Network and Distributed System Security Symposium, 2006.
〔8〕Symantec, “Symantec Global Internet Security Threat Report”, April 2008, http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xiii_04-2008.en-us.pdf
〔9〕J. P. Anderson, “Computer Security Threat Monitoring and Surveillance,” 1980.
〔10〕Zhenkai Liang and R. Sekar, “Automatic Generation of Buffer Overflow Attack Signatures: An Approach Based on Program Behavior Models,” 21st Annual Computer Security Applications Conference 2005.
〔11〕Zhenkai Liang, R. Sekar, “Fast and automated generation of attack signatures: a basis for building self-protecting servers,” 12th ACM conference on Computer and communications security, 2005
〔12〕Hao Wang, Somesh Jha and Vinod Ganapathy, “NetSpy: Automatic Generation of Spyware Signatures for NIDS,” 22nd Annual Computer Security Applications Conference, 2006.
〔13〕Kevin D. Mitnick, The Art of Deception – Controlling the Human Element of Security, Wiley, 2002.
〔14〕ESET, “Global Treat Report 2007,” Jan. 2008, http://www.eset.com/threat-center/case_study/GlobalThreatReport(Jan2008).pdf
〔15〕Hung, J.C., Kuan-Cheng Lin, Chang, A.Y., Lin, N.H., Lin, L.H., “A behavior-based anti-worm system,” 17th International Conference on Advanced Information Networking and Applications, 2003.
〔16〕Yong Tang and Shigang Chen, “Defending Against Internet Worms: A Signature-Based Approach,” IEEE INFOCOM, Miami, FL, March 2005.
〔17〕C. Taylor and J. Alves-Foss. Nate – Network Analysis of Anomalous Traffic Events, a low-cost approach. New Security Paradigms Workshop, 2001.
〔18〕Daniel P. Bovet and Marco Cesati, Understanding the Linux Kernel, third edition, O’Reilly, 2005
〔19〕Thomas F. Herbert, The Linux TCP/IP stack networking for embedded systems, first edition, Charles River Media, 2004
〔20〕Klaus Wehrle, The Linux Networking Architecture : Design and Implementation of Network Protocols in the Linux Kernel, second edition, Pearson Prentice Hall, 2004
〔21〕L. T. Heberlein, G. V. Dias, K. N. Levitt, B. Mukherjee, J. Wood, and D. Wolber, “A network security monitor,” IEEE Computer Society Symposium, 1990
〔22〕S. Kornexl, V. Paxson, H. Dreger, A. Feldmann and R. Sommer, “Building a Time Machine for Efficient Recording and Retrieval of High-Volume Network Traffic,” ACM IMC, October 2005.
〔23〕H. Dreger, A. Feldmann, M. Mai, V. Paxson and R. Sommer, “Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection,” 15th conference on USENIX Security Symposium, August 2006.
〔24〕V. Paxson, “Bro: A System for Detecting Network Intruders in Real-Time,” 7th conference on USENIX Security Symposium, January 1998.
〔25〕Snort, http://www.snort.org/
〔26〕Tripwire, http://www.tripwire.com/ |