1 |
CERT, CERT/CC, "CERT advisory CA-200l-19 code red worm," July 2001. [Online]. Available: http://www.cert.org/advisories/CA-2001-19.html
|
2 |
Z. Chen, L. Gao, and K. Kwiat, "Modeling the spread of active worms," in Proc. IEEE INFOCOM, Mar. 2003.
|
3 |
J. Jung, V. Paxson A. W. Berger, and H. Balakrishnan, "Fast portscan detection using sequential hypothesis testing," in Proc. IEEE Symposium on Security and Privacy, May 2004.
|
4 |
S. Staniford-Chen, S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, C. Wee, R. Yip, and D. Zerkle, "GrIDS-a graph-based intrusion detection system for large networks," in Proc. 19th National Inf. Sys. Security Conf, 1996.
|
5 |
S. Staniford, J. A. Hoagland, and J. M. McAlerney, "Practical automated detection of stealthy portscans," in Proc. 7th ACM Conf. Comput. and Commun. Security, 2000.
|
6 |
J, Mai, A. Sridharan, C.-N. Chuah, H. Zang, and T. Ye, "Impact of packet sampling on portscan detection," IEEE J. Sel. Areas Commun., vol. 24, no. 12, pp. 2285-2298, Dec. 2006.
DOI
|
7 |
CERT, CERT/CC, "CERT advisory CA-200l-26 nimda worm," Sept. 2001. [Online]. Available: http://www.cert.org/advisories/CA-2001-26.html
|
8 |
CERT, CERT/CC, "advisories." [Online]. Available: http://www.cert.org/advisoriesl
|
9 |
A. Sridharan and T. Ye, "Tracking port scanners on the IP backbone," in Proc. Workshop on Large Scale Attack Defense with ACM Sigcomm, 2007.
|
10 |
V. Paxson, "Bro: A system for detecting network intruders in real-time," in Proc. Comput. Netw., Amsterdam, Netherlands, 1999, pp. 2435-2463.
|
11 |
[Online]. Available: http://www.icir.org/vernlbro-info.html
|
12 |
S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, J. Rowe, S. Staniford-Chen, R. Yip, and D. Zerkle, "The design of GrIDS: A graph-based intrusion detection system," U. C. Davis Computer Science Department, Tech. Rep. CSE-99-2, 1999.
|
13 |
N. Weaver, V. Paxson, S. Staniford, and R. Cunningham, "Large scale malicious code: A research agenda," University of California, Berkeley, Tech. Rep. 2003
|
14 |
S. Staniford, V. Paxson, and N. Weaver, "How to own the Internet in your spare time," in Proc. 11th USENIX Security Symposium, Aug. 2002.
|
15 |
M. Roesch, "Snort: Lightweight intrusion detection for networks," in Proc. 13th Conf. Sys. Admin., Berkeley, CA, Nov. 1999, pp. 229-238.
|
16 |
[On line]. Available: http://www.snort.org
|
17 |
A. Sridharan, T. Ye, and S. Bhattacharyya, "Connectionless port scan detection on the backbone," in Proc. 25th IEEE IPCCC, 2006.
|
18 |
L. T. Heberlein, G. V. Dias, K. N. Levitt, B. Mukherjee, J. Wood, and D. Wolber, "A network security monitor," in Proc. IEEE Symposium on Research in Security and Privacy, 1990, pp. 296-304.
|
19 |
C. Leckie and R. Kotagiri, "A probabilistic approach to detecting network scans," in Proc. Network Operations and Management Symposium, 2002.
|