1 |
R. H. Shmway, D. S. Stoffer, "Dynamic Linear Models with Switching," Journal of the American Statistical Association, vol. 86, no. 415, pp. 763-769, 1991.
DOI
ScienceOn
|
2 |
S. Kim, A. Reddy, and M. Vannucci, "Detecting Traffic Anomalies at the Source through Aggregate Analysis of Packet Header Data," in Proc. of Networking, 2004.
|
3 |
Tao Qin. Xiaohong Guan, Wei Li and Pinghui Wang, "Dynamic Features Measurement and Analysis for Large-Scale Networks," in Proc. of ICC2008, CSIM workshop, pp. 212-216, 2008.
|
4 |
T. M. Gil, and M. Poletto, "Multops: a data-structure for bandwidth attack detection," in Proc. of the 10th USENIX Security Symposium, 2001.
|
5 |
V. D. Gligor, "A note on denial-of-service in operating systems," IEEE Trans. Softw. Eng., vol. 10, no. 3, pp. 320-324, 1984.
|
6 |
Computer Crime Research Center, 2004 CSI/FBI Computer Crime and Security Survey, http://www.crime-research.org/news/11.06.2004/423/
|
7 |
Anukool Lakhina, Mark Crovella, Christophe Diot, "Mining anomalies using traffic feature distributions," in Proc. of SIGCOMM'05, Philadelphia, Pennsylvania, USA, pp. 217-228, 2005.
|
8 |
P. Barford, J. Kline, D. Plonka, and A. Ron, "A Signal Analysis of Network Traffic Anomalies," in Proc. of Internet Measurement Workshop, 2002.
|
9 |
Hao Jiang, Constantinos Dovrolis, "Why Is the Internet Traffic Bursty in Short Time Scales," in Proc. of ACM SIG METRICS '05, pp. 241-252, June 2005.
|
10 |
J. Jung, B. Krishnamurthy and M. Rabinovich. "Flash Crowds and Denial of Service Attacks: Characterization and Implications for CDNs and Web Sites," in Proc. of World Wide Web Conference, Hawaii, USA, 2002.
|
11 |
Cisco NetFlow Performance Analysis White Papers, http://www.cisco.com/en/US/technologies/tk543/tk812/technologies_white_paper0900aecd802a0eb9_ps6601_Products_White_Paper.html, 2007
|
12 |
V. Digalakis, J. Rohlicek, M. Ostendorf, "ML Estimation of a Stochastic Linear System with the EM Algorithm and Its Application to Speech Recognition," IEEE Trans. On Speech and Audio Processing, vol. 1, no. 4, pp. 431-441, 1993.
DOI
ScienceOn
|
13 |
Douglas M. Hawkins, Peihua Qiu, Chang Wook Kang, "The changepoint model for statistical process control," Journal of Quality Technology, vol. 35, no. 4, pp. 355-366, 2003.
|
14 |
D. Moore, G. M. Voelker, S. Savage, "Inferring internet Denial-of-Service activity," in Proc. of the 10th USENIX Security Symposium, pp. 9-22, 2001.
|
15 |
Cisco IOS NetFlow White Papers, http://www.cisco.com/en/US/products/ps6601/prod_white_papers _list.html.
|
16 |
Simon Haykin, "Adaptive Filter Theory," Beijing: Publishing House of Electronics Industry, 2002.
|
17 |
V. Paxson, "Bro: A System for Detecting Network Intruders in Real-time," Computer Networks, vol. 31, no. 23-24, pp. 2435-2463, 1999.
DOI
ScienceOn
|
18 |
Brett Ninness, Stuart Gibson, "The EM algorithm for Multivariable Dynamic System Estimation," Technical Report EE200101, 2001.
|
19 |
David K. Y. Yau, John C. S. Lui, Feng Liang, and Yeung Yam, "Defending Against Distributed Denial-of-Service Attacks With Max-Min Fair Server-Centric Router Throttles," IEEE/ACM TRANSACTIONS ON NETWORKING, vol. 13, no. 1, pp. 29-42, Feb. 2005.
DOI
|
20 |
Anukool Lakhina, Konstantina Papagiannaki, Mark Crovella, Christophe Diot, Eric D.Kolaczyk, and Nina Taft, "Structural Analysis of Network Traffic Flows," in Proc. of SIGMETRICS/Performance, New York, USA, pp. 61-72, 2004.
|
21 |
Yu Chen, Kai Hwang, Wei-Shinn Ku, "Collaborative Detection of DDoS Attacks over Multiple Network Domains," IEEE Trans. On Parallel and Distributed Systmes, vol. 18, no. 12, pp. 1649-1662, Dec. 2007.
DOI
|
22 |
Sun Zhi-Xin, Tang Yi-Wei, Cheng Yuan, "Router Anomaly Traffic Detection Based on Modified-CUSUM Algorithms," Journal of Software, vol. 16, no. 12, pp. 2117-2123, 2005.
DOI
ScienceOn
|
23 |
Ruoyu Yan and Qinghua Zheng, "Using Renyi Cross Entropy to Analyze Traffic Matrix and Detect DDoS attack", Information Technology Journal, vol. 8, no. 8, pp. 1180-1188, 2009.
DOI
|
24 |
Krishan Kumar, R.C Joshi, Kuldip Singh, "A Distributed Approach using Entropy to Detect DDoS attacks in ISP Domain," in Proc. of International Conference on Signal Processing, Communications and Networking , pp. 331-337, 2007.
|
25 |
Amit Kulkarni and Stephen Bush, "Detecting distributed denial-of-service attacks using kolmogorov complexity metrics," Journal of Network and Systems Management, vol. 14, no. 1, pp. 69-80, Mar. 2006.
DOI
ScienceOn
|
26 |
Peng Tao, C. Leckie and K. Ramamohanarao, "Protection from distributed denial of service attacks using history-based IP filtering," in Proc. of ICC'03, pp. 482-486, 2003.
|
27 |
Haakon Ringberg, Augustin Soule, Jennifer Rexford, Christophe Diot, "Sensitivity of PCA for Traffic Anomaly Detection," in Proc. of SIGMETRICS'07,USA, pp. 109-120, June 2007.
|
28 |
A. Medina, C. Fraleigh, N. Taft, S. Bhattacharyya, C. Diot, "A Taxonomy of IP Traffic Matrices" , in Proc. of Scalability and Traffic Control in IP Networks II, Boston, USA, pp. 200-213, 2003.
|
29 |
T. M. Gil and M. Poletto, "MULTOPS: A data-structure for bandwidth attack detection," in Proc. of the 10th USENIX Security Symposium, 2001.
|
30 |
H. Wang, D. Zhang and K. G. Shin, "Detecting SYN flooding attacks," in Proc. of IEEE INFOCOM, pp. 1530-1539, 2002.
|
31 |
Anukool Lakhina, Mark Crovella, Christophe Diot, "Diagnosing Network-wide Traffic Anomalies," in Proc. of SIGCOMM'04, Portland, Oregon,USA, pp. 219-230, 2004.
|
32 |
Augustin Soule, Kave Salamatian, Nina Taft, "Combining Filtering and Statistical Methods for Anomaly Detection," in Proc. of Internet Measurement Conference, pp. 331-344, 2005.
|