1 |
C.M Chen, B.C Jeng, C.R. Yang, and G.H. Lai, "Tracing denial of service origin: Ant colony approach," Applications of Evolutionary Computing, Springer Berlin Heidelberg, pp.286-295, 2006.
|
2 |
X. Yin, W. Yurcik, M. Treaster, Y. Li, and K. Lakkaraju, "VisFlowConnect: netflow visualizations of link relationships for security situational awareness," Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security, pp.26-34, 2004.
|
3 |
D. Huistra, "Detecting Reflection Attacks in DNS Flows," Proceedings of 19th Twente Student Conference on IT, 2013.
|
4 |
L. Bilge, D. Balzarotti, W. Robertson, E. Kirda, and C. Kruegel, "Disclosure: detecting botnet command and control servers through large-scale netflow analysis," Proceedings of the 28th Annual Computer Security Applications Conference, pp.129-138, 2012.
|
5 |
C. Estan, K. Keys, D. Moore, and G. Varghese, "Building a better NetFlow," ACM SIGCOMM Computer Communication Review, Vol. 34, No. 4, pp.245-256, 2004.
DOI
|
6 |
H. Choi and J.O. Limb, "A Behavioral Model of Web Traffic," Proceedings of Seventh International Conference on Network Protocols, pp. 327-334, 1999.
|
7 |
S. Yu, G. Zhao, S. Guo, Y. Xiang, and A.V. Vasilakos, "Browsing Behavior Mimicking Attacks on Popular Web Sites for Large Botnets," Proceedings of IEEE INFOCOM WKSHPS, pp.947-951, 2011.
|
8 |
K.S. Han and E.G. Im, "A Study on the Analysis of Netbot and Design of Detection Framework," Proceedings of Joint Workshop on Information Security, pp.1-12, 2009.
|
9 |
Cisco, Cisco Catalyst 3750-X and 3560-X Series Switches Data Sheet, http://www.cisco.com/c/en/us/products/collateral/swi tches/catalyst-3750-x-series-switches/data_sheet_c78-584733.html
|
10 |
T. Yatagai, T. Isohara, and I. Sasase, "Detection of HTTP-GET flood Attack Based on Analysis of Page Access Behavior," Proceedings of IEEE Pacific Rim Conference, pp. 232-235, 2007.
|
11 |
D. Dittrich and F. Sven, "P2P as botnet command and control: a deeper insight," Proceedings of the 3rd International Conference on Malicious and Unwanted Software, pp. 41-48, 2008.
|
12 |
P. Chwalinkski, R. Belavkin, and X. Cheng, "Detection of Application Layer DDoS Attack with Clustering and Likelihood Analysis," Proceedings of Globecom, 2013.
|
13 |
AhnLab TrusGuard DPX, http://download.ahnlab.com
|
14 |
Peakflow Threat Management System, http://www.arbornetworks.com
|
15 |
Introduction to Cisco IOS NetFlow, http://cisco.com
|
16 |
B. Claise, "Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information," IETF working group, 2013.
|
17 |
B. Mah, "An Empirical Model of HTTP Network Traffic," Proceedings of INFOCOM'97, pp.592-600, 1997.
|
18 |
W. Lu and S. Yu, "An HTTP Flooding Detection Method Based on Browser Behavior," Proceedings of Computational Intelligence and Security, pp.1151-1154, 2006.
|
19 |
Y. Choi, I. Kim, J. Oh, and J. Jang, "AIGG Threshold Based HTTP GET Flooding Attack Detection," Proceedings of WISA, 2012.
|
20 |
M. Srivatsa, A. Iyengar, J. Yin, and L. Liu, "Mitigating application-level denial of service attacks on Web servers: A client-transparent approach," ACM Trans. on the Web, Vol. 2, No. 3, Article 15, July 2008.
|
21 |
endace, EndaceFlow NetFlow Generator Appliances, http://www.endace.com/endaceflow-high-speed-netflow-generators.html
|