參考文獻 |
中文參考文獻
[翁興國2004]翁興國,“資訊安全營運中心之事件關聯處理的根本問題分析”,2004網際網路安全工程研討會論文集,台北,2004。
[劉美君2004]劉美君,一種利用彩色派翠網關聯警訊以重建多步驟攻擊的方法,國立中央大學資訊管理學系碩士論文,6月2004。
[劉陳2004]劉美君、陳奕明,“一種利用彩色派翠網關聯警訊以重建多步驟攻擊的方法”,第十四屆全國資訊安全會議論文集,台北,2004。
英文參考文獻
[CERT2002] CERT/CC, “Overview of Attack Trends”, http://www.cert.org/ , 2002.
[CERT2003] CERT/CC, “Overview Incident and Vulnerability Trends”, May 2003.
[CERT2005] CERT/CC, “CERT/CC Statistics 1988-2005”, 2005.
[CUI2002] Yun Cui, “A Toolkit for Intrusion Alerts Correlation Based on Prerequisites and Consequences of Attacks”, Master thesis, North Carolina State University, Department of Computer Science, December 2002.
[CM2002] Frédéric Cuppens, Alexandre Miège, “Alert Correlation in a Cooperative Intrusion Detection Framework”, In Proceedings of IEEE Symposium on Research in Security and Privacy, 2002.
[DLD2002] Kristopher Daley, Ryan Larson, Jerald Dawkins, “A Structural Framework for Modeling Multi-Stage Network Attacks”, In Proceedings of International Conference on Parallel Processing Workshop, 2002.
[GHA2001] Zoubin Ghahramani, “An Introduction to Hidden Markov Models and Bayesian Networks”, International Journal of Pattern Recognition and Artificial Intelligence, Vol. 15, No. 1, 2001.
[HFT1998] Yuan Ho, Deborah Frincke, Donald Tobin, “Planning, Petri Nets, and Intrusion Detection”, In Proceedings of the 21st National Information Systems Security Conference (NISSC’98), 1998.
[HWSH2001] Guy Helmer, Johnny Wong, Mark Slagell, Vasant Honavar, Les Miller, “Software Fault Tree and Colored Petri Net Based Specification, Design and Implementation of Agent-Based Intrusion Detection Systems”, ACM Transactions on Computer Security, Iowa State University, Department of Computer Science, 2001.
[IKP1995] Koral Ilgun, Richard A. Kemmerer and Phillip A. Porras, “State Transition Analysis: A Rule-Based Intrusion Detection Approach”, In Proceedings of IEEE Transactions on Software Engineering, 21(3), 1995.
[JEN1992] Kurt Jensen, “Coloured Petri Nets. Basic Concepts, Analysis Methods and Practical Use. Vol. 1:Basic Concepts”, Monographs in Theoretical Computer Science, Spring-Verlag, 1992.
[KS1994] Sandeep Kummar, Eugene H. Spafford, “A Pattern Matching Model For Misuse Intrusion Detection”, In Proceedings of the 17th National Computer Security Conference, October 1994.
[NC2002] Peng Ning, Yun Cui, “An Intrusion Alert Correlator Based on Prerequisites of Intrusions”, Technical Report, TR- 2002-01, North Carolina State University, Department of Computer Science, 2002.
[NCR2002] Peng Ning, Yun Cui, Douglas S. Reeves, “Constructing Attack Scenarios through Correlation of Intrusion Alerts”, In Proceedings of the 9th ACM Conference on Computer & Communications Security, pages 245--254, Washington D.C., November 2002.
[NRC2001] Peng Ning, Douglas S. Reeves, Yun Cui, “Correlating Alerts Using Prerequisites of Intrusions”, Technical Report, TR-2001-13, North Carolina State University, Department of Computer Science, 2001.
[OMSH2003] Dirk Ourston, Sara Matzner, William Stump, Bryan Hopkins, “Applications of Hidden Markov Models to Detecting Multi-stage Network Attacks”, In Proceedings of the 36th Hawaii International Conference on System Sciences (HICSS’03), Applied Research Laboratories University of Texas at Austin, 2003.
[OMSH2004] Dirk Ourston, Sara Matzner, William Stump, Bryan Hopkins, “Coordinated Internet attacks: responding to attack complexity”, Journal of Computer Security 12 (2004) 165-190, 2004.
[RAB1989] Lawrence R. Rabiner, Fellow, IEEE, “A Tutorial on Hidden Markov Models and Selected Applications in Speech Recognition”, In Proceedings of the IEEE, Vol. 77, No. 2, February 1989.
[RJ1986] L. R. Rabiner, B. H. Juang, “An Introduction to Hidden Markov Models”, IEEE ASSP Magazine, January 1986.
[VK1998] Giovanni Vigna and Richard A. Kemmerer, “NetSTAT : A Network-based Intrusion Detection Approach”, In Proceedings of the 14th Annual Computer Security Conference, Scottsdale, Arizona, December 1998.
[YF2004] Dong Yu, Deborah Frincke, “A Novel Framework for Alert Correlation and Understanding”, In Proceedings of Applied Cryptography and Network Security, Second International Conference(ACNS2004), Center for Secure and Dependable Software, University of Idaho, USA, 2004.
相關網站
[COMA] Confusion Matrix Website,
http://www2.cs.uregina.ca/~hamilton/courses/831/notes/confusion_matrix/confusion_matrix.html
[DARP] MIT Lincoln Lab, 2000 DARPA intrusion detection scenario specific datasets, http://www.ll.mit.edu/IST/ideval/data/2000/2000_data_index.html
[HMM] Arpin Studio, http://www.deyuan.idv.tw/weblog/index.php?blogId=1
[JAHM] Jahmm Website, a Java implementation of Hidden Markov Model related algorithm, http://www.run.montefiore.ulg.ac.be/~francois/software/jahmm/
[NESS] Nessus Website, http://www.nessus.org/
[SASA] WORM_SASSER.A,
http://www.trendmicro.com/vinfo/zh-tw/virusencyclo/default5.asp?VName=WORM_SASSER.A&VSect=T
[SASC] WORM_SASSER.C,
http://www.trendmicro.com/vinfo/zh-tw/virusencyclo/default5.asp?VName=WORM_SASSER.C&VSect=T
[SLAM] WORM_SLAMMER, http://cert.ntu.edu.tw/virusDocument/Slammer.doc
[SNOR] Snort Website, http://www.snort.org/
[SYMA] Symantec Website, 賽門鐵克網路安全威脅研究報告重點摘要,
http://www.symantec.com/region/tw/avcenter/threat_report.html |