1 |
C. Kruegel and T. Toth, "Using decision trees to improve signature-based intrusion detection," In Proceedings of the 6th International Workshop on the Recent Advances in Intrusion Detection, LNCS vol. 2820, pp. 173-191, Sep. 2003.
|
2 |
A.K. Ghosh, A. Schwatzbard, and M. Shatz, "Learning program behavior profiles for intrusion detection," Proceedings 1st USENIX Workshop on Intrusion Detection and Network Monitoring, vol. 1, Apr. 1999.
|
3 |
S. Forrest, S.A. Hofmeyr, A. Somayaji, and T.A. Longstaff, "A sense of self for unix processes," Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 120-128, May 1996.
|
4 |
S.J. Raudys and A.K. Jain, "Small sample size effects in statistical pattern recognition: recommendations for practitioners," IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 13, no. 3, pp.252-264, Mar. 1991.
DOI
ScienceOn
|
5 |
N. Ye, X. Li, Q. Chen, S. Emran, and M. Xu, "Probabilistic techniques for intrusion detection based on computer audit data," IEEE Transactions on System, vol. 32, no. 4, pp.266-274, Jul. 2001.
|
6 |
M. Wang, C. Zhang, and J. Yu, "Native api based windows anomaly intrusion detection method using svm," Proceedings of the IEEE International Conference on sensor Networks, Ubiquitous and Trustworthy Computing, vol 1, Jun. 2006.
|
7 |
N. Park, Y. Kim, and B. Noh, "A behavior based detection for malicious code using obfuscation technique," Journal of the Korea Institute of Information Security and Cryptology, vol. 16, no. 3, Jun. 2006.
|
8 |
C. Warrender, S. Forrest, and B. Pearlmutter, "Detecting intrusions using system calls: alternative data models," 1999 IEEE Symposium on Security and Privacy, pp. 133-145, May 1999.
|
9 |
Q. Qian and M. Xin, "Research on hidden markov model for system call anomaly detection," PAISI 2007, LNCS vol. 4430, pp. 152-159, Apr. 2007.
|
10 |
S. Radosavac and J.S. Baras, "Detection and classification of network intrusions using hidden markov models," 2003 Conference on Information Sciences and System, Mar. 2003.
|
11 |
S. Cho and H. Park, "Efficient anomaly detection by modeling privilege flows using hidden Markov model," Elsevier Computers and security, vol. 22, no. 1, pp. 45-55, Jan. 2003.
DOI
ScienceOn
|
12 |
T. Kang, J. Cho, M. Chung and J. Moon, "Malware detection via hybrid analysis for api calls," Journal of the Korea Institute of Information Security and Cryptology, vol. 17, no. 6, pp. 89-98, Dec. 2007.
|
13 |
Y. Liao and V. Vemuri, "Use of k-nearest neighbor classifier for intrusion detection," Elsevier Computers and Seucurity, vol. 21, no. 5, pp. 439-448, Oct. 2002.
|
14 |
S. Rawat, V.P. Gulati, A.K. Pujari, and V. Vemuri, "Intrusion detection using text processing techniques with a binary-weighted cosine metric," Journal of Information Assurance and Security, pp. 43-50, 2006.
|
15 |
A. Sharma, A. Pujari, and K. Paliwal, "Intrusion detection using text processing techniques with a kernel based similarity measure," Elsevier Computers and Security, vol.26, no.7-8, pp. 488-495, Dec. 2007.
DOI
ScienceOn
|
16 |
G. Nebbett, "Windows nt/2000 native api reference," Macmillan Technical Publishing, 2000.
|
17 |
D. Buckely, I. Altas, and J. Howarth, "A real time intrusion detection system for the windows environment," IADIS, 2007.
|
18 |
I. Jolliffe, "Principal component analysis," Encyclopedia of Statistics in Behavioral Science, 2002.
|
19 |
G.J. McLachlan, "Discriminant analysis and statistical pattern recognition," John Wiley & Sons, Inc., 2005.
|
20 |
D.Q. Dai and P.C Yuen, "Regularized discriminant analysis and its application to face recognition," Pattern Recognition, vol. 36, pp. 845-847, 2003.
DOI
ScienceOn
|
21 |
R.P.W. Duin, "Small sample size generalization," Proc. Ninth Scandinavian conf. Image Analysis, vol. 2, pp. 957-964, Jun. 1995.
|
22 |
J. Ye, R. Janardan, C. Park, and H. Park, "An optimization criterion for generalized discriminant analysis on undersampled problems," IEEE Transactions on Pattern Recognition Analysis and Machine Intelligence, vol. 26, no. 8, Aug. 2004.
|
23 |
A. Papoulis, "Probability random variables and stochastic processes," 3rd Ed., MCgraw- HILL, 1991.
|
24 |
E. Parzen, "On the estimation of a probability density function and mode," Ann.Math, Stat. vol. 33, no. 3, pp. 1065-1076, Sep. 1962.
DOI
ScienceOn
|
25 |
Offensive Computing, http://www.offensivecomputing.net
|
26 |
Kaspersky lab, http://www.viruslist.com
|
27 |
G. Hoglund and J. Butler, "Rootkits: subverting the windows kernel," Pearson Education Inc., 2006.
|
28 |
Machine Learning Project at the University of Waikato in New Zealand, http://www.cs.waikato.ac.nz/ml/
|