參考文獻 |
References
[1] Darrell M.; Kienzle; Matthew C.; Recent Worms: A Survey and Trends, Proceedings of the 2003 ACM workshop on Rapid Malcode, Oct 2003, pages: 1-10.
[2] Levenhagen R., Trends, Codes and Virus Attack- 2003 year in review, Network Security, Vol. 2004 Issue 1, Jan 2004, Pages: 13-15.
[3] Clark J., The Consumer Desktop – The Weak Link in Internet Security and Why ISP’s Are Uniquely Positioned to Help”, Systems Administrators And Security Managers (SANS) Technique Reports, Feb 2003. Pages: 1-32.
[4] Houle K.J.; Weaver G.M., Trends in Denial of Service Attack Technology, CERT Coordination Center, Oct 2001, Pages: 1-20.
[5] Chang, R.K.C.; Defending against Flooding-based Distributed Denial-of-Service Attacks, Communications Magazine, IEEE, Volume: 40, Issue: 10, Oct 2002, Pages: 42 – 51.
[6] Harris D., Drowning in Sewage- SPAM, Asia Pacific Regional Internet Conference on Operational Technologies (APRICOT) Conference, Feb 2004.
[7] Cranor L.F.; LaMacchia B.A.; Spam; Communications of the ACM, Volume 41, Issue 8, Aug 1998, Pages: 74 – 83.
[8] Soonthornphisaj N.; Chaikulseriwat K.; Piyanan Tang-On; Anti-spam filtering: a centroid-based classification approach, 2002 6th International Conference on Signal Processing, Volume: 2, 26-30 Aug. 2002, Pages: 1096 – 1099.
[9] Request for Comments: 2821, Simple Mail Transfer Protocol, Apr 2001.
[10] Request for Comments: 2505, Anti-Spam Recommendations for SMTP MTAs, Feb 1999.
[11] Geer D., Will new standards help curb spam, Computer, Volume: 37, Issue: 2, Feb. 2004, Pages: 14 – 16.
[12] Levy, E.; The making of a spam zombie army. Dissecting the Sobig worms, Security & Privacy Magazine, IEEE, Volume: 1, Issue: 4, July-Aug. 2003, Pages: 58 – 59.
[13] Bass, T.; Watt, G., A simple framework for filtering queued SMTP mail, MILCOM 97 Proceedings, Vol 3, Nov 1997, Pages: 1140 - 1144.
[14] Vaughan-Nichols S.J., Saving private e-mail, IEEE Spectrum, Volume: 40, Issue: 8, Aug. 2003, Pages: 40 – 44.
[15] Sen A.; Spatscheck O.; Wang D.; Accurate, Scalable In-Network Identification of P2P Traffic Using Application Signatures; The 13th World Wide Web Conference, May 2004, Pages: 512- 521.
[16] Mahoney M.V., Network Traffic Anomaly Detection Based on Packet Bytes, Proceedings of the 2003 ACM symposium on Applied computing, Mar 2003, Pages: 346-350.
[17] Williamson C., Internet traffic Measurement, IEEE Internet Computing, Nov 2001, Pages: 70-74.
[18] Kushida T., The traffic measurement and the empirical studies for the Internet, GLOBECOM, Volume 2, 1998, Pages: 1142-1147.
[19] Luca D.; Finsiel S.A., Effective Traffic Measurement Using Ntop, IEEE Communications Magazine, May 2000, Pages: 138-143.
[20] Wang H.; Zhang D.; Shin K. G.; Detecting SYN flooding attacks, twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM 2002), Volume: 3, Jun 2002, Pages: 1530 – 1539.
[21] Wang H.; Zhang D.; Shin, K.G.; SYN-dog: sniffing SYN flooding sources. Proceedings. 22nd International Conference on Distributed Computing Systems, Jul 2002, Pages: 421 – 428.
[22] Zhang Y.; Paxson V., Detecting Backdoors, Proceedings of 9th USENIX Security Symposium, 2000.
[23] Roesch M., Snort - Lightweight Intrusion Detection for Networks, Proceedings of 13th Systems Administration Conference (LISA '99), Nov 1999, Pages: 229 – 235.
[24] Huston G., Measuring IP Network Performance, The Internet Protocol Journal, Mar 2003, Pages: 2-9.
[25] Duffield N.; Lund C., Predicting Resource Usage and Estimation Accuracy in an IP Flow Measurement Collection Infrastructure, Proceedings of the 2003 ACM SIGCOMM conference on Internet measurement, Oct 2003, Pages: 179-191.
[26] Fullmer M., The OSU Flow-tools Package and Cisco Netflow Logs, Proceedings of 14th Systems Administration Conference (LISA 2000), Dec 2000, Pages: 291 – 303.
[27] Plonka D., FlowScan: A network traffic flow reporting and visualization tool, Proceedings of 14th Systems Administration Conference (LISA 2000), Dec 2000, Pages: 305 – 317.
[28] Barford P.; Plonka D., Characteristics of network traffic flow anomalies, Proceedings of the First ACM SIGCOMM Workshop on Internet Measurement, Nov 2001, Pages: 69 –73.
[29] Liu D.; Huebner F., Application Profiling of IP Traffic, Proceedings of the 27th Annual IEEE Conference on Local Computer Networks (LCN’02), Nov 2002, Pages: 220 – 229.
[30] Base R.; Mell P., Intrusion Detection Systems, National Institute of Standards and Technology (NIST) Special Publication on IDS. Pages: 74 – 83.
[31] Porras P. A.; Valdes A.; Live Traffic Analysis of TCP/IP Gateways, Networks and Distributed Systems Security Symposium, Mar 1998.
[32] Urupoj K.; Surasak S.; Wipa J., A Rule-based Approach for Port Scanning Detection, Electrical Engineering Conference (EECON-23), Nov 2000.
[33] Kruegel C.; Mutz D.; Robertsom W.; Valeur F.; Bayesian Event Classification for Intrusion Detection, 19th Annual Computer Security Applications Conference, Dec 2003.
[34] Sebyala A. A.; Olukemi T.; Sacks L., Active Platform Security through Intrusion Detection Using Naïve Bayesian Network for Anomaly Detection, in London Communications Symposium (LCS 2002).
[35] Mirkovic J.; Reiher P., A taxonomy of DDoS attack and DDoS defense mechanisms, ACM SIGCOMM Computer Communication Review, Vol 34, Issue 2, Apr 2004, Pages: 39-53.
[36] Breunig M.; Kriegel H.P.; Sander J; LOF: Identifying Density-Based Local Outliers, Proceedings of the ACM SIGMOD Conference on Management of Data, 2000. Pages: 1-12.
[37] Han H.; Lu X.L.; Lu J.; Bo C.; Yong R.L., Data mining aided signature discovery in network-based intrusion detection system, ACM SIGOPS Operating Systems Review, Vol. 36, Issue 4, Oct 2002, Pages: 7-13.
[38] PATRICIU V.V.; Rusu L.; Priescu I., Data Mining Approaches for Intrusion Detection in Email System Internet-Based, RoEduNet (Romanian Education Network) Conference 2003, Jun 2003, Pages: 144-147.
[39] Lee W.; Stolfo S. J.; A Framework for Constructing Features and Models for Intrusion Detection System, ACM Transactions on Information and System Security, Vol. 3, No. 4, Nov 2000, Pages: 227 – 261.
[40] Dokas P.; Eilertson E.; Ertoz L.; Kim Y.; Lazarevic A.; Svastava J.; Kumar P.; Tan P.N.; Zhang Z., Data Mining for Network Intrusion Detection, Digital Technology Center, University of Minnesota, Mar 2003. Pages: 1 – 21.
[41] Ertoz, L., Lazarevic, A.;Eilertson, E.;Lazarevic, A., Tan, P.; Dokas P. ; Kumar, V.; Srivastava, J.; Protecting Against Cyber Threats in Networked Information Systems, SPIE Annual Symposium on AeroSense, Battlespace Digitization and Network Centric Systems III, April, 2003.
[42] Kanamaru A.; Ohtak K.; Kato N.; Mansfield G.; Nemoto Y., A simple packet aggregation technique for fault detection, International Journal of Network Management, Volume 10 Issue 4, July 2000, Pages: 215-228.
[43] Vivo M.; Carrasco E.; Isern G. Vivo G. O., A Review of Port Scanning Techniques, ACM SIGCOMM Computer Review, Vol 29, Issue 2, Apr 1999, Pages: 41-48.
[44] Steven W.R.; TCP/IP Illustrated, Volume 1, Addison-Wesley Publishing Company, Inc, 1994.
[45] Costales Bryan; Allman E., Sendmail, O’Reilly & Associates, Inc.2003.
[46] Bass, T.; Watt, G.; A simple framework for filtering queued SMTP mail (cyberwar countermeasures), MILCOM 97 Proceedings, Volume: 3, 2-5 Nov. 1997, Pages: 1140 – 1144.
[47] Request for Comments 2167; Referral Whois (RWhois) Protocol V1.5. S. Williamson, M. Kosters, D. Blacka, J. Singh, K. Zeilstra. June 1997.
[48] Yang S. C.; Tseng L. M., Automatic Detect and Notice Abnormal SMTP Traffic and Email Spammer, Proceedings of Cross-Strait Information Technology Conference (CSIT 2003) Conference, Nov 2003.
[49] Request for Comments: 1354, IP Forwarding Table MIB, July 1992.
[50] Huitema C., Routing in the Internet, Prentice Hall, Inc. 1995, Pages: 27-64.
[51] Request for Comments: 1213, Management Information Base for Network Management of TCP/IP-based internets: MIB-II, 1991.
[52] Yang S. C.; Tseng L. M., Monitoring X-Attack Traffic over Aggregate Network, National Computer Symposium (NCS-2003), Dec 2003, Pages: 406 - 413.
[53] Saroiu S.; Krishna P.; Gribble S.D.; A Measurement Study of Peer-to-Peer File Sharing Systems, in Proceedings of Multimedia Computing and Networking (MNCN), Jan 2002.
[54] Ripeanu, M.; Peer-to-peer architecture case study: Gnutella network, First International Conference on Peer-to-Peer Computing Proceedings, Aug. 2001.
[55] Clifford, M.; Faigin, D.; Bishop, M.; Brutch, T.; Miracle cures and toner cartridges: finding solutions to the spam problem, 19th Annual Computer Security Applications Conference, 2003, Pages: 428 – 429.
[56] Sen, S.; Jia Wang; Analyzing peer-to-peer traffic across large networks, IEEE/ACM Transactions on Networking, Volume: 12, Issue: 2, April 2004, Pages: 219 – 232.
[57] Sion R.; Atallah M.; Prabhakar S.; On-the-fly intrusion detection for Web portals, Information Technology, International Conference on Coding and Computing Proceedings. ITCC 2003, April 2003, Pages: 325 – 330.
[58] Cho K.; Kaizaki R.; Kato A.; An Aggregation Technique for Traffic Monitoring, Proceedings of the 2002 Symposium on Applications and the Internet (SAINT’02w), 2002.
[59] Beyah, R.A.; Holloway, M.C.; Copeland, J.A.; Invisible Trojan: an architecture, the implementation and detection method, the 2002 45th Midwest Symposium on Circuits and Systems (MWSCAS-2002), Volume 3, Aug. 2002, Pages: III-500 - III-504. |