Intrusion Detection System Bibliography
Books
S. Northcutt, J. Novak, Network Intrusion Detection, 3rd, New Riders, 2003.
Journals
P. Ning, Y. Cui, D. Reeves, D. Xu, "Tools and Techniques for Analyzing Intrusion Alerts", ACM Transactions on Information and System Security, Vol. 7, No. 2, May 2004, To appear.
K. Tan, R. Maxion, "Determining the Operational Limits of an Anomaly-Based Intrusion Detector", IEEE Journal on Selected Areas in Communications, Vol. 21, No. 1, January 2003, 96-110.
G. Tedesco, U. Aickelin, "Adaptive Alert Throttling for Intrusion Detection Systems", submitted and under review, 2003.
D. Yeung, Y. Ding, "Host-Based Intrusion Detection Using Dynamic and Static Behavioral Models", Pattern Recognition, Vol. 36, 2003, 229-243.
H. Venter, J. Eloff, "A Taxonomy for Information Security Technologies", Computers & Security, Vol. 22, No. 4, 2003, 299-307.
K. Julisch, "Clustering intrusion detection alarms to support root cause analysis", ACM Transactions on Information and System Security, Vol. 6, No. 4, 2003, 443-471.
R. Erbacher, K. Walker, D. Frincke, "Intrusion and Misuse Detection in Large-Scale Systems", Computer Graphics and Applications, Vol. 22, No. 1, January 2002, 38-48.
S. Cho, "Incorporating Soft Computing Techniques into a Probabilistic Intrusion Detection System", IEEE Transactions on Systems, Man, and Cybernetics, Vol. 32, No. 2, May 2002, 154-160.
R. Kemmerer, G. Vigna, "Intrusion Detection: A Brief History and Overview", Security & Privacy, Supplement to IEEE Computer Magazine, April 2002, 27-30.
G. Lawton, "Open Source Security: Opportunity or Oxymoron?", Computer, Vol. 35, No. 3, March 2002, 18-21.
L. Paulson, "Stopping Intruders Outside the Gates", Computer, Vol. 35, No. 11, November 2002, 20-22.
J. McHugh, A. Christie, J. Allen, "Defending Yourself: The Role of Intrusion Detection Systems", Software, Vol. 17, No. 5, September 2002, 42-51.
S. Staniford, J. Hoagland, J. McAlerney, "Practical Automated Detection of Stealthy Portscans", Journal of Computer Security, Vol. 10, No. 1-2, 2002, 105-126.
R. Cunningham, R. Lippmann, S. Webster, "Detecting and Displaying Novel Computer Attacks with Macroscope", IEEE Transactions on Systems, Man, and Cybernetics, Vol. 31, No. 4, July 2001, 275-281.
G. Wiederhold, "Collaboration Requirements: A Point of Failure in Protecting Information", Computer Graphics and Applications, Vol. 31, No. 4, July 2001, 336-342.
J. McHugh, "Testing Intrusion Detection Systems: A Critique of the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory", ACM Transactions on Information and System Security, Vol. 3, No. 4, November 2000, 262-294.
R. Lippmann, J. Haines, D. Fried, J. Korba, K. Das, "The 1999 DARPA off-line Intrusion Detection Evaluation", Computer Networks, No. 34, 2000, 579-595.
D. Steinauer, S. Katzke, S. Radack, "Basic Intrusion Protection: The First Line of Defense", IT Professional, Vol. 1, No. 1, January 1999, 43-48.
N. Puketza, M. Chung, R. Olsson, B. Mukherjee, "A Software Platform for Testing Intrusion Detection Systems", IEEE Software, September/Octob 1997, 43-51.
N. Puketza, K. Zhang, M. Chung, B. Mukherjee, R. Olsson, "A Methodology for Testing Intrusion Detection Systems", IEEE Transactions on Software Engineering, October 1996, 719-729.
Conference proceedings
P. Ning, D. Xu, C. Healey, R. Amant, "Building Attack Scenarios through Integration of Complementary Alert Correlation Methods", Proceedings of the 11th Annual Network and Distributed System Security Symposium (NDSS '04), February 2004, 97-111.
D. Yu, D. Frincke, "A Novel Framework for Alert Correlation and Understanding", Proceeding of Applied Cryptography and Network Security, Second International Conference (ACNS 2004), June 8-11 2004; Lecture Notes in Computer Science, Vol. 3089, 452-466.
C. Li, Q. Song, C. Zhang, "MA-IDS Architecture for Distributed Intrusion Detection using Mobile Agents", Proc. of the 2nd International Conference on Information Technology for Application (ICITA 2004), 2004, 451-455.
U. Aickelin, P. Bentley, S. Cayzer, J. Kim, J. McLeod, "Danger Theory: The Link between AIS and IDS", Proc. of the Second International Conference on Artificial Immune Systems (ICARIS-03), 2003, 147-155.
N. Athanasiades, R. Abler, J. Levine, H. Owen, G. Riley, "Intrusion Detection Testing and Benchmarking Methodologies", Information Assurance Workshop, March 2003, 63-72.
M. Mahoney, P. Chan, "An Analysis of the 1999 DARPA/Lincoln Laboratory Evaluation Data for Network Anomaly Detection", Proceeding of Recent Advances in Intrusion Detection (RAID)-2003, September 8-10 2003; Lecture Notes in Computer Science, Vol. 2820, 220-237.
P. Ning, D. Xu, "Learning Attack Strategies from Intrusion Alerts", Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS '03), October 2003, 200-209.
S. Benferhat, F. Autrel, F. Cuppens, "Weighted Correlation in an Intrusion Detection Process", Proceeding of 2eme rencontre francophone sur Securite et Architecture Reseaux (SAR'2003), 30 Juin-4 Juill 2003.
S. Benferhat, F. Autrel, F. Cuppens, "Enhanced Correlation in an Intrusion Detection Process", Proceeding of Second International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2003, September 21-23 2003; Lecture Notes in Computer Science, Vol. 2776, 157-170.
Y. Wu, B. Foo, Y. Mei, S. Bagchi, "Collaborative Intrusion Detection System (CIDS): A Framework for Accurate and Efficient IDS", Proceeding of 19th Annual Computer Security Applications Conference, December 8-12 2003.
X. Qin, W. Lee, "Statistical Causality Analysis of INFOSEC Alert Data", Proceedings of the 6th symposium on Recent Advances in Intrusion Detection (RAID 2003), 2003; Lecture Notes in Computer Science, Vol. 2820, 73-93.
C. Coit, S. Staniford, J. McAlerney, "Towards Faster String Matching for Intrusion Detection", Proc. of the DARPA Information Survivability Conference and Exhibition (DISCEX-02), 2002, 367-373.
H. Debar, B. Morin, "Evaluation of the Diagnostic Capabilities of Commercial Intrusion Detection Systems", Proceedings of the 5th symposium on Recent Advances in Intrusion Detection (RAID 2002), October 2002; Lecture Notes in Computer Science, Vol. 2516, 177-198.
L. Rossey, R. Cunningham, D. Fried, J. Rabek, R. Lippmann, J. Haines, M. Zissman, "LARIAT: Lincoln Adaptable Real-Time Information Assurance Testbed", Proceedings of the 2002 IEEE Aerospace Conference, March 2002.
F. Cuppens, A. Miege, "Alert Correlation in a Cooperative Intrusion Detection Framework", Proceeding of 2002 IEEE Symposium on Security and Privacy, May 12-15 2002, 202-215.
F. Cuppens, F. Autrel, A. Miege, S. Benferhat, "Correlation in an intrusion detection process", Proceeding of Internet Security Communication Workshop (SECI'02), September 2002.
F. Cuppens, F. Autrel, A. Miege, S. Benferhat, "Recognizing Malicious Intention in an Intrusion Detection Process", Proceeding of Soft Computing Systems - Design, Management and Applications, HIS 2002, December 1-4 2002; Frontiers in Artificial Intelligence and Applications, Vol. 87, 806-817.
A. Valdes, M. Almgren, S. Cheung, Y. Deswarte, B. Dutertre, J. Levy, H. Saidi, V. Stavridou, T. Uribe, "An architecture for an adaptive intrusion tolerant server", Proceeding of Security Protocols Workshop, 2002; Lecture Notes in Computer Science.
M. Handley, V. Paxson, C. Kreibich, "Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics", Proc. of the 10th USENIX Security Symposium, 2001.
C. Kruegel, T. Toth, C. Kerer, "Decentralized Event Correlation for Intrusion Detection", International Conference on Information Security and Cryptology (ICISC), December 2001; Lecture Notes in Computer Science.
J. Haines, L. Rossey, R. Lippmann, "Extending the DARPA Off-Line Intrusion Detection Evaluation", Proceedings of DARPA Information Survivability Conference and Exposition (DISCEX) 2001, 11-12 June 2001.
F. Cuppens, "Cooperative intrusion detection", Proceeding of International Symposium on Information superiority: tools for crisis and conflict-management, 24-26 September 2001.
F. Cuppens, "Managing Alerts in a Multi Intrusion Detection Environment", Proceeding of 17th Annual Computer Security Applications Conference (ACSAC 2001), 11-14 December 2001, 22-31.
C. Carver, J. Hill, U. Pooch, "Limiting uncertainty in Intrusion Response", Proceeding of 2001 IEEE Man Systems and Cybernetics Information Assurance Workshop, June 2001, 142-147.
R. Lippmann, D. Fried, I. Graf, J. Haines, K. Kendall, D. McClung, D. Weber, S. Webster, D. Wyschogrod, R. Cunningham, M. Zissman, "Evaluating Intrusion Detection Systems: The 1998 DARPA Off-line Intrusion Detection Evaluation", Proc. of the 2000 DARPA Information Survivability Conference and Exposition (DISCEX-00), January 2000.
R. Lippmann, J. Haines, D. Fried, J. Korba, K. Das, "Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation", Recent Advances in Intrusion Detection (RAID)-2000, 2000; LNCS, Vol. 1907, 162-182.
D. Alessandri, "Using Rule-Based Activity Descriptions to Evaluate Intrusion-Detection Systems", Proceeding of Recent Advances in Intrusion Detection, Third International Workshop, RAID 2000, October 2000; Lecture Notes in Computer Science, Vol. 1907, 183-196.
S. Templeton, K. Levitt, "A Requires/Provides Model for Computer Attacks", Proceedings of the New Security Paradigms Workshop 2000, Sept. 19-21 2000.
C. Carver, U. Pooch, "An Intrusion Response Taxonomy and Its Role in Automatic Intrusion Response", June 2000.
T. Champion, R. Durst, "Air Force Intrusion Detection System Evaluation Environment", Proceeding of Recent Advances in Intrusion Detection, Second International Workshop (RAID) 1999, September 7-9 1999.
D. Song, G. Shaffer, M. Undy, "Nidsbench - a Network Intrusion Detection Test Suite", Proceeding of Recent Advances in Intrusion Detection, Second International Workshop, (RAID) 1999, September 7-9 1999.
J. Cannady, "Artificial Neural Networks for Misuse Detection", Proc. of the 1998 National Information Systems Security Conference (NISSC-98), October 1998.
Masters' theses
P. Eng, M. Haug, "Automatic Response to Intrusion Detection", Faculty of Engineering and Science, Agder Universi, June 2004.
Y. Hu, "TIAA: A Toolkit for Intrusion Alert Analysis", Department of Computer Science, North Carolina Stat, December 2003.
A. Serrano, "Integrating Alerts from Multiple Homogeneous Intrusion Detection Systems", Department of Computer Science, North Carolina Stat, May 2003.
R. Marty, "THOR: A Tool to Test Intrusion Detection Systems by Variations of Attacks", Computer Engineering and Networks Laboratory, Swis, March 2002.
Y. Cui, "A Toolkit for Intrusion Alerts Correlation Based on Prerequisites and Consequences of Attacks", Department of Computer Science, North Carolina Stat, December 2002.
Technical reports
D. Gorton, "Extending Intrusion Detection with Alert Correlation and Intrusion Tolerance", No. 27 L, Department of Computer Engineering, Chalmers Univer, 2003.
P. Mell, V. Hu, R. Lippmann, J. Haines, M. Zissman, "An Overview of Issues in Testing Intrusion Detection Systems", No. NIST IR 7007, National Institute of Standards and Technology, August 2003.
Y. Wu, B. Foo, B. Matheny, T. Olsen, S. Bagchi, "ADEPTS: Adaptive Intrusion Containment and Response using Attack Graphs in an E-Commerce Environment", No. 2003-33, School of Electrical & Computer Engineering, Purdue, 2003.
R. Gorman, E. Spafford, "Reversing the Network Intrusion Detection Paradigm: The Advantages of Outbound Misuse Detection", No. 2002-26, CERIAS, 2002.
J. Haines, R. Lippmann, D. Fried, M. Zissman, E. Tran, S. Boswell, "1999 DARPA Intrusion Detection System Evaluation: Design and Procedures", No. 1062, MIT Lincoln Laboratory, 2001.
J. Allen, A. Christie, W. Fithen, J. McHugh, J. Pickel, E. Stoner, "State of the Practice of Intrusion Detection Technologies", No. CMU/SEI-99-TR-0, Carnegie Mellon University / Software Engineering, January 2000.
H. Debar, M. Dacier, A. Wespi, S. Lampart, "An Experimentation Workbench for Intrusion Detection Systems", No. RZ 2998(# 93044, IBM Zurich Research Laboratory, September 1998.
J. Balasubramaniyan, J. Garcia-Fernandez, D. Isacoff, G. Spafford, D. Zamboni, "An Architecture for Intrusion Detection using Autonomous Agents", No. 98/05, COAST Group, Department of Computer Science, Purdu, June 1998.
M. Crosbie, G. Spafford, "Active Defense of a Computer System using Autonomous Agents", February 1995.
M. Crosbie, G. Spafford, "Defending a Computer System using Autonomous Agents", No. 95-022, COAST Group, Department of Computer Science, Purdu, March 1994.
Other publications
E. Networks, "Intrusion Detection Methodologies Demystified", Enterasys Intrusion Detection White Papers, 2003.
T. Group, "Intrusion Detection Systems Group Test (Edition 4)", http://www.nss.co.uk/ids/edition4/index.htm, August 2003.
J. Leach, G. Tedesco, "Firestorm Network Intrusion Detection System", Firestorm Documentation, 2003.
M. Roesch, C. Green, "Snort Users Manual Snort Release: 2.0.1", Snort Documentation, 2003.
T. Group, "Gigabit Intrusion Detection Systems Group Test (Edition 2)", http://www.nss.co.uk/gigabitids/edition2/index.htm, August 2003.
N. NIST, "Intrusion Detection Systems", NIST Computer Science Special Reports SP 800-31, November 2001.
M. Ranum, "Experiences Benchmarking Intrusion Detection Systems", www.nfr.com, December 2001.
K. Kendall, "A Database of Computer Attacks for the Evaluation of Intrusion Detection Systems", Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology, June 1999.
BibTeXWeb 1.21 - © 2002-2003 J. Darmont. Hacked by Jamie Twycross.