1 |
D. Dagon, G. Gu, C. P. Lee, W. Lee, "A Taxonomy of Botnet Structures," in Proc. of Annual Computer Security Applications Conference (ACSAC), December 10-14, 2007.
|
2 |
R.R. Kompella, S. Singh, G. Varghese, "On Scalable Attack Detection in the Network," in Proc. of ACM Internet Measurement Conference (IMC), October 25-27, 2004.
|
3 |
T. Peng, C. Leckie, K. Ramamohanarao, "Survey of Network-Based Defense Mechanisms Countering the DoS and DDoS Problems," ACM Computing Surveys, vol. 39, no. 1, pp. 1-42, April, 2007.
DOI
ScienceOn
|
4 |
S. Kandula, D. Katabi, M. Jacob, A. W. Berger, "Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds," in Proc. of Symposium on Networked Systems Design & Implementation (NSDI), May 2-4, 2005.
|
5 |
C. Estan, G. Varghese, "New Directions in Traffic Measurement and Accounting," in Proc. of ACM SIGCOMM, August 19-23, 2002.
|
6 |
Jose Nazario, BlackEnergy DDoS Bot Analysis, Technical report, Arbor Networks, October 2, 2007.
|
7 |
Z. Zhu, G. Lu, Y. Chen, Z. J. Fu, P. Roberts, K. Han, "Botnet Research Survey," in Proc. of IEEE International Computer Software and Applications Conference (COMPSAC), pp. 967-972, July 28-August 1, 2008.
|
8 |
ha.cker.org security lab, Slowloris HTTP DoS, http://ha.ckers.org/slowloris/
|
9 |
J. Mirkovic, P. Reiher, "A taxonomy of DDoS attack and DDoS defense mechanisms," SIGCOMM Computer Communication Review, vol. 34, no. 2, pp. 39-53, April, 2004.
|
10 |
A. Kuzmanovic, E. Knightly, "Low-rate TCP-targeted denial of service attacks (the shrew vs. the mice and elephants)," in Proc. of ACM SIGCOMM, pp. 75-86, August 25-29, 2003.
|
11 |
G.Macia-Fernandez, J.E.Diaz-Verdejo, P.Garcia-Teodoro, "Evaluation of a low-rate DoS attack against application servers," Computers & Security, vol. 27, no. 7-8, pp. 335-354, December, 2008.
DOI
ScienceOn
|
12 |
H. Sun, J. Lui, D. Yau, "Defending against low-rate TCP attacks: dynamic detection and protection," in Proc. of 12th IEEE International Conference on Network Protocols (ICNP), pp. 196-205, October 5-8, 2004.
|
13 |
T. Thapngam, S. Yu, W. Zhou, G. Beliakov, "Discriminating DDoS attack traffic flash crowd through packet arrival patterns," in Proc. of 1th International Workshop on Security in Computers, Networking and Communications, April 10-15, 2011.
|
14 |
S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, F. Tang, "Discriminating DDoS attacks from flash crowds using flow correlation coefficient," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073-1080, June 2012.
DOI
ScienceOn
|
15 |
S. Ranjan, R. Swaminathan, M. Uysal, A. Nucci, E. Knightly, "DDoS-Shield: DDoS-resilient scheduling to counter application layer attacks," IEEE/ACM Transactions on networking, vol. 17, no. 1, pp. 26-39, February, 2009.
DOI
ScienceOn
|
16 |
Z. Tan, A. Jamdagni, X. He, P. Nanda, R. P. Liu, "A system for Denial-of-Service attack detection based on multivariate correlation analysis," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 447-456, February 2014.
DOI
ScienceOn
|
17 |
G. Macia-Fernandez, R. A. Rodriguez-Gomez, J. E. Diaz-Verdejo, "Defense techniques for low-rate DoS attacks against application servers," Computer Networks, vol. 54, no. 15, pp. 2711-2727, October 28, 2010.
DOI
ScienceOn
|
18 |
M Srivatsa, A. Iyengar, J. Yin, "Mitigating application-level denial of service attacks on web servers: a client-transparent approach," ACM Transactions on the Web, vol. 2, no. 3, pp. 15:1-15:49, July 2008.
|
19 |
T. Peng, C. Leckie, K. Ramamohanarao, "Protection from Distributed Denial of Service Attack Using History-based IP Filtering," in Proc. of IEEE International Conference on Communications (ICC), pp. 482-486, May 11-15, 2003.
|
20 |
J. Jung, B. Krishnamurthy, M. Rabinovich, "Flash Crowds and Denial of Service Attacks: Characterization and Implication for CDNs and Web Sites," in Proc. of World Wide Web (WWW) Conference, May 7-11, 2002.
|
21 |
S. Y. Nam, T. Lee, "Memory-Efficient IP Filtering for Countering DDoS Attacks," in Proc. of APNOMS, September 23-25, 2009.
|
22 |
L. Fan, P. Cao, J. Almeida, A.Z. Broder, Summary cache: a scalable wide-area web cache sharing protocol, Technical Report 1361, Univ. of Wisconsin-Madison, February, 1998.
|
23 |
H. Takagi, Queueing analysis - volume 1: vacation and priority systems, Part 1, North-Holland, 1991.
|
24 |
S. Y. Nam, N. Nazarov, and T. Lee, Defending HTTP Web Servers against DDoS Attacks through Admission Control and Attack Flow Detection, Technical Report, Yeungnam University, March 8, 2012.
|
25 |
T. Peng, C. Leckie, K. Ramamohanarao, "Proactively Detecting Distributed Denial of Service Attacks Using Source IP Address Monitoring," in Proc. of Networking Conference, pp. 771-782, May 9-14, 2004.
|
26 |
Red Hat, Inc., 42.9 IPTables, http:// www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-iptables.html
|
27 |
Honeynet Project and Research Alliance, Know Your Enemy: Tracking Botnets, http://www.honeynet.org
|
28 |
Linda Dailey Paulson, Hackers strengthen malicious botnets by shrinking them, http://csdl2.computer.org/comp/mags/co/2006/04/r4017.pdf
|
29 |
N. Weaver, S. Staniford, V. Paxson, "Very fast containment of scanning worms," in Proc. of the 13th Usenix Security Conference, pp. 29-44, August 9-13, 2004.
|