參考文獻 |
[施文富2007] 施文富“基於漸進式隱藏馬可夫模型與Windows系統呼叫之可調適性異常入侵偵測方法” ,中央大學資訊管理系,碩士論文,2007.
[AH1999] Levent M. Arslan, and John H. L. Hansen, “Selective training for hidden markov models with applications to speech classification,” IEEE Transactions on Speech and Audio Processing, vol.7, NO.1, January 1999.
[B2001] Marco Botta, “Resampling vs Reweighting in Boosting a Relational Weak Learner,” Springer-Verlag Berlin Heidelberg 2001.
[BCS2006] Sandeep Bhatkar, Abhishek Chaturvedi, R. Sekar, “Dataflow Anomaly Detection,” Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P’06), 2006.
[BT2006] Tom Bylander and Lisa Tate, “Using validation sets to avoid overfitting in adaboost,” American Association for Artificial Intelligence, 2006.
[CBS2006] Abhishek Chaturvedi, Sandeep Bhatkar and R. Sekar, “Improving Attack Detection in Host-Based IDS by Learning Properties of System Call Arguments,” In IEEE Symposium on Security and Privacy, 2006.
[CH2003] S. Cho, S. Han, “Two sophisticated techniques to improve hmm-based intrusion detection systems,” Proceedings of International Symposium on Recent Advances in Intrusion Detection, 2003.
[CHS2005] W.H. Chen, S.H. Hsu, H.P. Shen, “Application of SVM and ANN for intrusion detection,” Computers Operations Research, Volume 32, Issue 10, pp. 2617-2634, 2005.
[ELS2001] E.Eskin, W.Lee, and S.J.Stolfo, “Modeling system calls for intrusion detection with dynamic window sizes,” In Proceedings of DARPA Information Survivability Conference & Exposition II,2001.DISCEX’01, June 2001.
[FBH2005] German Florez-Larrahondo, Susan Bridges and Eric A. Hansen, “Incremental Estimation of Discrete Hidden Markov Models Based on a New Backward Procedure,” In Proceedings of the Twentieth National Conference on Artificial Intelligence, 2005.
[FBV2005] German Florez-Larrahondo, Susan M. Bridges, and Rayford Vaughn, “Efficient Modeling of Discrete Events for Anomaly Detection Using Hidden Markov Models,” In 8th Information Security Conference, 2005.
[FHSL1996] S. Forrest, S.A. Hofmeyr, A. Somayaji, and T.A. Longstaff, “A sense of self for unix processes,” In Proceedings of the 1996 IEEE Symposium on Security and Privacy, May 1996.
[FKFLG2003] Henry Hanping Feng, Oleg M. Kolesnikov, Prahlad Fogla, Wenke Lee, and Weibo Gong, “Anomaly Detection Using Call Stack Information,” In Proceedings of the 2003 IEEE Symposium on Security and Privacy, 2003.
[FLD2004] Say Wei Foo, Yong Lian, and Liang Dong, “Recognition of visual speech elements using adaptively boosted hidden markov models,” IEEE Transactions on Circuits and Systems for Video Technology, vol. 14, NO. 5, May 2004.
[FS1997] Yoav Freund and Robert E. Schapire, “A decision-theoretic generalization of on-line learning and an application to boosting,” Journal of Computer and System Sciences 55, 119-139, 1997.
[FS1999] Yoav Freund and Robert E. Schapire, “A short introduction to boosting,” Journal of Japanese Society for Artificial Intelligence, 14(5):771-780, September, 1999.
[HAK2008] Kjetil Haslum, Ajith Abraham and Svein Knapskog, “Fuzzy online risk assessment for distributed intrusion prediction and prevention systems,” Computer Modeling and Simulation, 2008.
[HFS1998] S. A. Hofmeyr, S. Forrest, and A. Somayaji, “Intrusion detection using sequences of system calls,” Journal of Computer Security, Volume 6, pages 151-180, 1998.
[HHM2008] Weiming Hu, Wei Hu, and Steve Maybank, “Adaboost-based algorithm for network intrusion detection,” IEEE Transactions on Systems, Man, and Cybernetics—part B: Cybernetics, vol. 38, NO. 2, April 2008.
[HMK2008] Kjetil Haslum, Marie E. G. Moe and Svein J. Knapskog, “Real-time intrusion prevention and security analysis of networks using HMMs,” Local Computer Networks, 2008.
[JAHMM] Jahmm - An implementation of HMM in Java. http:// www.run.montefiore.ulg.ac.be/ ~francois/software/jahmm/.
[KASPERSKY2009] Kaspersky Security Bulletin: Malware Evolution 2008. http://www.viruslist.com/en/analysis?, Accessed on March 02, 2009.
[KL2008] Rahul Khanna, Huaping Liu, “Control theoretic approach to intrusion detection using a distributed hidden Markov model,” Wireless Communications, IEEE 2008.
[LGJB2008] Yongzhong Li, Yang Ge, Xu Jing, Zhao Bo, “A new intrusion detection method based on fuzzy HMM,” Industrial Electronics and Applications, 2008.
[LS1998] W. Lee and S. J. Stolfo, “Data mining approaches for intrusion detection,” In Proceedings of the 7th USENIX Security Symposium, 1998.
[LV2002] Y Liao, V.R. Vemuri, “Use of K-nearest neighbor classifier for intrusion detection,” Computers Security 2002.
[LZXY2008] Yong-Zhong Li, Bo Zhao, Jing Xu, Ge Yang, “Anomaly intrusion detection method based on rough set theory,” Proceedings of the 2008 International Conference on Wavelet Analysis and Pattern Recognition, Hong Kong, 30-31, Aug. 2008.
[META] The Metasploit Project. http://www.metasploit.com/.
[MILW0RM] The Milw0rm Website. http://www.milw0rm.com/.
[Nebbet 2000] Gary Nebbet, “Windows NT/2000 native API reference,” Sams, 2000.
[NMAP] Nmap – Free Security Scanner For Network Exploration & Security Audits
http://nmap.org/.
[O2001] Nikunj C. Oza, “Online ensemble learning,” Department of Electrical Engineering and Computer Science, University of California, Berkeley, 2001.
[OR2001] Nikunj C. Oza and Stuart Russell, “Online bagging and boosting,” In Artificial Intelligence and Statistics 2001, Key West, FL, USA, pp. 105-112. January 2001.
[PSJ2008] Chetan Parampalli, R. Sekar and Rob Johnson, “A Practical Mimicry Attack against Powerful System-Call Monitors,” ASIACCS ’08, March 18-20, Tokyo, Japan, 2008.
[QXBG2002] Y. Qiao, X. W. Xin, Y.Bin and S.Ge, “Anomaly intrusion detection method based on HMM,” In IEEE Electronic Letters Online No. 20020467, 2002.
[R1989] L. R. Rabiner, “A tutorial on hidden markov models and selected applications in speech recognition,” Proc. IEEE, vol. 77, pp. 257–286, Feb 1989.
[RJ1986] L. R. Rabiner, B. H. Juang, “An introduction to hidden markov models,” IEEE ASSP Magazine, January 1986.
[RJ1993] L.R. Rabiner and B.H. Juang, “Fundamentals of Speech Recognition. Prentice Hall,” 1993.
[SBDB2001] R. Sekar M. Bendre D. Dhurjati P. Bollineni, “A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors,” In Proceedings of the 2001 IEEE Symposium on Security and Privacy, 2001.
[SKHN2008] Chris Seiffert, Taghi M. Khoshgoftaar, Jason Van Hulse, Amri Napolitano, “Resampling or Reweighting: A Comparison of Boosting Implementations,” 2008 20th IEEE International Conference on Tools with Artificial Intelligence, 2008.
[Strace] Strace for Windows NT, W2K, XP. http://www.waldsterben.uni-freiburg.de/Members/birgitmetzger/zipfolder.2008-12-12.5920807569/psychologie/testobjekte/testfolder/zipfolder/strace-0.3/README.html.
[SYMANTEC2009] Symantec Global Internet Security Threat Report Volume XIV. http://www.symantec.com/business/theme.jsp?themeid=threatreport. April, 2009.
[TS2007] Arnur G. Tokhtabayev and Victor A. Skormin, “Non-Stationary Markov Models and Anomaly Propagation Analysis in IDS,” Third International Symposium on Information Assurance and Security, IEEE 2007.
[UNM] UNM System Call Datasets. http://www.cs.unm.edu/~immsec/systemcalls.htm.
[VB2007] Alexander Vezhnevets and Olga Barinova, “Avoiding boosting overfitting by removing confusing samples,” Springer-Verlag Berlin Heidelberg 2007.
[VERLAB] Verlab Website. http://www.verlab.dcc.ufmg.br/cursos/visao/2008-1/grupo14/index.
[VS2005] R.M. Valdovinos, J.S. Sánchez, “Class-Dependant Resampling for Medical Applications,” Proceedings of the Fourth International Conference on Machine Learning and Applications (ICMLA’05), IEEE 2005.
[WD2001] D. Wagner and D. Dean, “Intrusion detection via static analysis,” In Proceedings of the 2001 IEEE Symposium on Security and Privacy, Oakland, California, 2001.
[WDD2000] A. Wespi, M. Dacier, H. Debar, “Intrusion Detection Using Variable-Length Audit Trail Patterns,” Proceedings of International Symposium on Recent Advances in Intrusion Detection, 2000.
[WFP1999] C. Warrender, S. Forrest, B. Pearlmutter, “Detecting intrusions using system calls: alternative data models,” In Proceedings of the 1999 IEEE Symposium on Security and Privacy, 1999.
[WGZ2004] W. Wang, X.H. Guan, X.L. Zhang, “Modeling Program Behaviors by Hidden Markov Models for Intrusion Detection,” In Proceedings of 2004 International Conference on Machine Learning and Cybernetics, 2004.
[WGZY2006] Wei Wang, Xiaohong Guan, Xiangliang Zhang, Liwei Yang, “Profiling program behavior for anomaly intrusion detection based on the transition and frequency property of computer audit data,” Computers and Security 25 539-550, ScienceDirect 2006.
[WZR2008] S.-J. Whittaker, M. Zulkernine, K. Rudie, “Towards Incorporating Discrete-Event Systems in Secure Software Development,” The Third International Conference on Availability, Reliability and Security, IEEE 2008.
[WZY2006] Miao Wang, Cheng Zhang, Jingjing Yu, “Native API Based Windows Anomaly Intrusion Detection Method Using SVM,” Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC’06), 2006.
[XMCW2008] Tian Xinguang, Duan Miyi, Sun Chunlai and Li Wenfa, “Intrusion detection based on system calls and homogeneous Markov chains,” Journal of Systems Engineering and Electronics Vol. 19, No. 3, 2008, pp.598–605, ScienceDirect 2008.
[YD2003] D.Y. Yeung, Y. Ding, “Host-based Intrusion Detection using Dynamic and Static Behavioral Models,” Pattern Recognition, 2003.
[YDY2007] Chun Yang, Feiqi Deng, Haidong Yang, “An unsupervised anomaly detection approach using subtractive clustering and hidden markov model,” Communications and Networking in China, 2007.
[YLCEX2001] N Ye, XY Li, Q Chen, SM Emran, M Xu, “Probabilistic techniques for intrusion detection based on computer audit data,” IEEE Trans on Systems, 2001.
[YT2004] Zhenwei Yu, Jeffrey J.P. Tsai, “A Multi-Class SLIPPER System for Intrusion Detection,” IEEE 2004.
[YTM2008] Chuanhuan Yin, Shengfeng Tian, Shaomin Mu, “High-order Markov kernels for intrusion detection,” Neurocomputing 71 (2008) 3247–3252, ScienceDirect 2008.
[YTW2007] Zhenwei Yu, Jeffrey J. P. Tsai, Thomas Weigert, “An Automatically Tuning Intrusion Detection System,” IEEE Transactions On Systems, Man, And Cybernetics—Part B: Cybernetics, Vol. 37, No. 2, April 2007.
[YYY2005] Wu Yang, Xiao-Chun Yun, Yong-Tian Yang, “Using Boosting Learning Method for Intrusion Detection,” ADMA 2005, LNAI 3584, pp.634-641, Springer 2005.
[ZZ2004] Xiao-Qiang Zhang, Zhong-Liang Zhu, “Combining the hmm and the neural network models to recognize intrusions,” Proceedings of the Third International Conference on Machine Learning and Cybernetics, Shanghai, 26-29 August 2004.
[ZZP2006] Xiaotong Zhuang, Tao Zhang, Santosh Pande, “Using Branch Correlation to Identify Infeasible Paths for Anomaly Detection,” The 39th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO'06), 2006.
|