참고문헌
- S. Patton, W. Yurcik and D. Doss, 'An Achilles Heel in Signature-Based IDS : Squealing False Positives in SNORT,' Lecture Notes in Computer Science, 2001
- W. LEE, 'A Data Mining Framework for constructing Features and Models for Intrusion Detection Systems,' Ph.D. Dissertation, Columbia University, 1999
- I. Weon, D. Song, C. Lee, Y. Heo and J. Jang, 'A Machine Learning approach toward an environment-free network anomaly IDS A primer report,' Proc. of 5th International Conference on Advanced Communication Technology, 2003
- C. Kruegel and T. Toth, 'Using decision trees to improve signature-based detection,' In 6th Symposium on Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Springer Verlag, USA, September, 2003
- M. Mahoney and P. Chan, 'PHAD : Packet Header Anomaly Detection for Identifying Hostile Network Traffic,' Florida Institute for Technology Technical Report CS-2001-04
- R. Lippman et als., 'Evaluation intrusion detection systems : The 1998 DARPA off-line intrusion detection evaluation,' Proc. of DARPA Information Survivability Conference and Exposition, pp.12-26, 2000
- K. Julisch, 'Mining alarm clusters to improve alarm handling efficiency,' 17th Annual Computer Security Application Conference (ACSAC), pp.12-21, 2000 https://doi.org/10.1109/ACSAC.2001.991517
- K. Julisch and M. Dacier, 'Mining Intrusion Detection Alarms for Actionable Knowledge,' 8th ACM International Conference on Knowledge Discovery and Data Mining, 2002 https://doi.org/10.1145/775047.775101
- S. Manganaris, M. Christensen, D. Zerkle and K. Hermiz, 'A Data Mining Analysis of RTID Alarms,' 2nd Workshop on Recent Advances in Intrusion Detection (RAID99), 1999
- SNORT, http://www.snort.org
- D. Aha and D. Kibler, 'Noise-tolerant instance-based learning algorithms,' Proceedings of the Eleventh International Joint Conference on Artificial Intelligence, pp.794-799, 1989
- McHugh, J., 'Testing Intrusion Detection Systems : A critique of the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory,' ACM Transactions on Information and System Security, Vol.3, No.4, Nov., 2000 https://doi.org/10.1145/382912.382923
- M. Roech, 'SNORT-lightweight Intrusion Detection in Networks,' USENIX/LISA Conference, 1999
- J. R. Quinlan, 'Probabilistic Decision Trees, in Machine Learning : An Artificial Intelligence approach,' in Machine Learning III, (ed. Yves Kodratoff), Morgan Kaufmann Publishers, Inc., San Mateo, California, pp.140-152, 1990
- C. Stanfill and D. Waltz, 'Toward memory-based reasoning,' Communications of the ACM, 1986 https://doi.org/10.1145/7902.7906
- S. Cost and S. Salzberg, 'A Weighted Nearest Neighbor Algorithm for Learning with Symbolic Features,' Machine Learning 10, pp.57-78, 1993 https://doi.org/10.1023/A:1022664626993
- 김도진, 'IBL을 사용한 네트워크 기반 침입탐지 시스템과 평가 모델의 연구,' 건국대학교 석사학위 청구논문, 2003