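Profiling Program Behavior with X² distance-based Multivariate Analysis for Intrusion Detection
Kim, Chong-Il (Department of Computer Science, Graduate School, Chonnam National University)
Kim, Yong-Min (Linux System Security Research Center, Chonnam National University, Post-doc.)
Seo, Jae-Hyeon (Division of Information Engineering, Mokpo National University)
Noh, Bong-Nam (Division of Computer and Information, Chonnam National University)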
1 | S. Noel, D. Wijesekera and C. Youman, 'Modern Intrusion Detection, Data Mining, and Degrees of Attack Guilt,' Applications of Data Mining in Computer Security, Kluwer Academic Publishers, 2002
2 | S. Kumar and E. H. Spafford, 'A Software Architecture to Support Misuse Intrusion Detection,' Proceedings of the 18th National Information Security Conference, pp.194-204, 1995
3 | S. Axelsson, 'Intrusion detection systems: A survey and taxonomy,' Technical report, Department of Computer Engineering, Chalmers University of Technology, Goteborg, Sweden, 2000
4 | C. Krugel, T. Toth and E. Kirda, 'Service Specific Anomaly Detection for Network Intrusion Detection,' Symposium on Applied Computing (SAC), ACM Digital Library, March 2002
5 | A. K. Ghosh, J. Wanken and F. Charron, 'Detecting anomalous and unknown intrusions against programs,' Proceedings of the 1998 Annual Computer Security Applications Conference (ACSAC '98), 1998
6 | D. Montgomery, 'Introduction to Statistical Quality Control,' John Wiley & Sons, 2000
7 | A. K. Ghosh, A. Schwarzbard and M. Shatz, 'Learning program behavior profiles for intrusion detection,' Proceedings of the 1st USENIX Workshop on Intrusion Detection and Network Monitoring, April, 1999
8 | S. Forrest, S. Hofmeyr, A. Somayaji and T. Longstaff, 'A sense of self for Unix processes,' In IEEE Symposium on Security and Privacy, pp.120-128, 1996
9 | C. Ko, G. Fink, K. Levitt, 'Automated Detection of Vulnerabilities in Privileged Programs by Execution Monitoring,' Proceedings of the 1994 Computer Security Applications Conference, 1994
10 | N. Ye, Q. Chen, S. Vilbert, 'Multivariate Statistical Analysis of Audit Trails for Host-Based Intrusion Detection,' IEEE Transactions on Computers, Vol.51, No.7, pp.810-820, July, 2002
11 | S. A. Hofmeyr, A. Somayaji and S. Forrest, 'Intrusion Detection using Sequences of System Calls,' Journal of Computer Security, Vol.6, pp.151-180, 1998
12 | C. Warrender, S. Forrest and B. Pearlmutter, 'Detecting Intrusions Using System Calls: Alternative Data Models,' 1999 IEEE Symposium on Security and Privacy, pp.133-145, 1999
13 | C. Ko, G. Fink and K. Levitt, 'Execution monitoring of security-critical programs in distributed systems: A specification-based approach,' Proceedings of the 1997 IEEE Symposium on Security and Privacy, pp.134-144, 1997
14 | D. Wagner and R. Dean, 'Intrusion detection via static analysis,' In IEEE Symposium on Security and Privacy, IEEE Computer Society, 2002
15 | A. Wespi, M. Dacier and H. Debar, 'Intrusion detection using variable-length audit trail patterns,' Recent Advances in Intrusion Detection (RAID 2000), pp.110-129, 2000
16 | S. Forrest, Computer immune systems data sets, http://www.cs.unm.edu/~immsec/data-sets.htm, 1997
17 | W. Lee and S. Stolfo, 'Learning Patterns from Unix Process Execution Traces for Intrusion Detection,' AAAI Workshop: AI Approaches to Fraud Detection and Risk Management, pp.50-56, July, 1997
18 | C. A. Lowry, W. H. Woodall, C. W. Champ and S. E. Rigdon, 'A Multivariate Exponentially Weighted Moving Average Chart,' Technometrics, 34, pp.46-53, 1992