参考文献拒绝服务攻击及防御技术参考文献整理.doc

拒绝服务攻击及防御技术参考文献整理

[1] Gilgor, V. (1983) A note on the Denial-of-Service Problem.Proceedings of Symposium on Security and Privacy (SP'83) , Oakland, CA,USA, 25-27 April, pp. 139{149. IEEE Computer Society, Washington, DC,USA.

[2] Morris, R. T. (1985) A weakness in the 4.2BSD Unix TCP/IPsoftware. Computer Science Technical Report 117. AT&T Bell Labs, MurrayHills, NJ, USA.

[3] Shipley, G. (1999) ISS RealSecure pushes past newer IDS players.Network Computing, 10, 95{111.

[4] Tuncer, T. and Tatar, Y. (2008) Detection SYN ° ooding attacksusing fuzzy logic. Proceedings of International Conference on

Information Security and Assurance (ISA'08) , Washington, DC, USA, 24-26April, pp. 321 {325. IEEE Computer Society, New York, NY, USA.

[5] Mirkovic, J. and Reiher, P. (2005) D-WARD: A source-end defenseagainst ° ooding denial-of-service attacks. IEEE Transactions onDependable and Secure Computing, 2, 216{232.

[6] Asosheh, A. , Dr. and Ramezani, N. (2008) A comprehensivetaxonomy of DDoS attacks and defense mechanism applying in a smartclassi ˉ cation. WSEAS Transactions on Computers, 7, 281 {290.

[7] Mirkovic, J. , Dietrich, S. , Dittrich, D. , and Reiher, P. (2004)Internet Denial of Service Attack and Defense Mechanisms, 1st edition.Prentice Hall PTR, New Jersey, USA.

[8] Paxson, V. (2001) An analysis of using re° ectors fordistributed denial-of-service attacks. ACM SIGCOMM Computer

Communication Review, 31, 38{47.

[9] Moore, D. , Paxson, V. , Savage, S. , Shannon, C. , Staniford, S. ,andWeaver, N. (2003) Inside the slammer worm. IEEE Security and Privacy,1, 33{39.

[10] Hemenway, K. and Calishain, T. (2003) Spidering Hacks.

O'Reilly & Associates, Inc. , Sebastopol, CA, USA.

[11] Goucher, W. (2009) The tipping point. Computer Fraud &Security, 1, 11 {13.

[12] Lesk, M. (2007) The new front line: Estonia under cyberassault.IEEE Security and Privacy, 5, 76{79.

[13] Jalili, R. , Imani-Mehr, F. , Amini, M. , and Shahriari, H.-R.

(2005) Detection of distributed denial of service attacks usingstatistical pre-processor and unsupervised neural networks. LectureNotes in Computer Science, 3439, 192{203.

[14] Gavrilis, D. and Dermatas, E. (2005) Real-time detection ofdistributed denial-of-service attacks using RBF networks and statisticalfeatures. Computer Networks and ISDN Systems, 48, 235{245.

[15] Gavrilis, D. , Tsoulos, I. , and Dermatas, E. (2004) Featureselection for robust detection of distributed denial-of-service attacksusing genetic algorithms. Lecture Notes in Arti ˉ cial Intelligence, 3025,276{281.

[16] Ng, W. , Chan, A. , Yeung, D. , and Tsang, E. (2006) Constructionof high precision RBFNN with low false alarm for detecting ° oodingbased denial of service attacks using stochastic sensitivity measure.Lecture Notes in Arti ˉ cial Intelligence, 3930, 851 {860.

[17] Chan, A. , Ng, W. , D.S, Yeung, and Tsang, E. (2005) Multipleclassi ˉ er system with feature grouping for intrusion detection: Mutualinformation approach. Lecture Notes in Arti ˉ cial Intelligence, 3683,141 {148.

[18] Chan, A. , Yeung, D. , Tsang, E. , and Ng, W. (2006) Empiricalstudy on fusion methods usingensemble of RBFNN for network intrusion detection. Lecture Notes inArti ˉcial Intelligence, 3930, 682{690.

[19] Giacinto, G. , Roli, F. , and Didaci, L. (2003) Fusion ofmultiple classi ˉ ers for intrusion detection in computer networks.Pattern Recognition Letters, 24, 1795{1803.

[20] Mukkamala, S. , Sung, A. H. , and Abraham, A. (2005) Intrusiondetection using an ensemble of intelligent paradigms. Journal of Networkand Computer Applications, 28, 167{182.

[21] Noh, S. , Lee, C. , Choi, K. , and Jung, G. (2003) Detectingdistributed denial of service (DDoS) attacks through inductive learning.Lecture Notes in Computer Science, 2690, 286{295.

[22] ?Oke, G. and Loukas, G. (2007) A denial of service detectorbased on maximum likelihood detection and the random neural network.Computer Journal, 50, 717{727.

[23] Kim, M. , Na, H. , Chae, K. , Bang, H. , and Na, J. (2004) Acombined data mining approach for DDoS attack detection. Lecture Notesin Computer Science, 3090, 943{950.

[24] Siaterlis, C. and Maglaris, B. (2004) Towards multisensor datafusion for DoS detection. Proceedings of symposium on Applied computing(SAC'04) , Nicosia, Cyprus, 14-17 March, pp. 439{446. ACM, New York, NY,USA.

[25] He, H. , Luo, X. , and Liu, B. (2005) Detecting anomalousnetwork tra±c with combined fuzzy-based approaches. Lecture Notes inComputer Science, 3645, 433{442.

[26] Lee, S. , Kim, Y. , Lee, B. , Kang, S. , and Youn, C. (2005) Aprobe detection model using the analysis of the fuzzy cognitive maps.Lecture Notes in Computer Science, 3480, 320{328.

[27] Wei, W. , Dong, Y. , Lu, D. , and Jin, G. (2006) Combining cross-correlation and fuzzy classi ˉ cation to detect distributed denial-of-service attacks. Lecture Notes in Computer Science, 3994, 57{64.

[28] Mukkamala, S. and Sung, A. H. (2004) Computational intelligenttechniques for detecting denial of service attacks. Proceedings ofconference on Innovations in Applied Arti ˉ cial Intelligence

(IEA/AIE'04) , Ottawa, Canada, 17-20 May, pp. 616{624. Springer Verlag,Berlin, Germany.

[29] Sung, A. and Mukkamala, S. (2004) The feature selection andintrusion detection problems. Lecture Notes in Computer Science, 3321,468{482.

[30] Mukkamala, S. , Xu, D. , and Sung, A. (2006) Intrusion detectionbased on behaviour mining and machine learning techniques. Lecture Notesin Arti ˉ cial Intelligence, 4031, 619{628.

[31] Uhlig, S. and Bonaventure, O. (2001) Understanding the long-term self-similarity of internet tra±c. Lecture Notes in ComputerScience, 2156, 286{298.

[32] Xiang, Y. , Lin, Y. , Lei, W. , and Huang, S. (2004) DetectingDDOS attack based on network self- similarity. IEE Proceedings

Communications, 151, 292{295.

[33] Feinstein, L. , Schnackenberg, D. , Balupari, R. , and Kindred, D.

(2003) Statistical approaches to DDoS attack detection and response.Proceedings of Information Survivability Conference and Exposition(DISCEX-III) , Washington, DC, 22-24 April, pp. 303{314. DARPA, Arlington,VA, USA.

[34] Li, M. , Chi, C.-H. , and Long, D. (2004) Fractional gaussiannoise: A tool for characterizing tra±c for detection purpose. LectureNotes in Computer Science, 3309, 94{103.

[35] Li, M. (2004) An approach to reliably identifying signs ofDDOS ° ood attacks based on LRD tra±c pattern recognition. Computersand Security, 23, 549{558.

[36] Tsybakov, B. and Georganas, N. (1998) Self-similar processesin communications networks. IEEE Transactions on Information Theory, 44,1713{1725.

[37] Wang, H. , Zhang, D. , and Shin, K. (2002) Detecting

SYN ° ooding attacks. Proceedings of INFOCOM'02, New York, NY, USA, 23-27 June, pp. 1530{1539. IEEE Communications Society, New York, NY, USA.

[38] Siris, V. and Papagalou, F. (2004) Application of anomalydetection algorithms for detecting syn ° ooding attacks. Proceedings ofGLOBECOM'04, Dallas, TX, USA, 29 November - 3 December, pp. 2050{2054.

[39] Leu, F. and Yang, W. (2005) Intrusion detection with CUSUM forTCP-based DDoS. Lecture Notes in Computer Science, 3823, 1255{1264.

[40] Gu, R. , Yan, P. , Zou, T. , and Guo, C. (2005) An automatic andgeneric early-bird system for internet backbone based on tra±c anomalydetection. Lecture Notes in Computer Science, 3420, 740{748.

[41] Kulkarni, A. and Bush, S. (2006) Detecting distributed denialof service attacks using kolmogorov complexity metrics. Journal ofNetwork and Systems Management, 14(1) , 69{80. [42] Furuya, F. , Matsuzaki,

T. , and Matsuura, K. (2005) Detection of unknown DoS attacks by

Kolmogorov- complexity ° uctuation. Lecture Notes in Computer Science,3822, 395{406. [43] Lee, K. , Kim, J. , Kwon, K. H. , Han, Y. , and Kim, S.

(2008) DDoS attack detection method using cluster analysis. ExpertSystems with Applications, 34, 1659{ 1665.

[44] Li, L. and Lee, G. (2005) DDoS attack detection and wavelets.Telecommunication Systems, 28(3) , 435{451.

[45] Yang, X. , Liu, Y. , Zeng, M. , and Shi, Y. (2004) A novel DDoSattack detecting algorithm based on the continu- ous wavelet transform.Proceedings of Advanced Work- shop on Content Computing (AWCC'04) ,ZhenJiang, JiangSu, China, 15-17 November, pp. 173{181.

[46] Lu, W. and Ghorbani, A. A. (2009) Network anomaly detectionbased on wavelet analysis. EURASIP Journal On Advances In SignalProcessing, 2009, 1 {16.

[47] Kim, S. S. and Reddy, A. L. N. (2008) Statistical techniquesfor detecting tra±c anomalies through packet header data. IEEE/ACMTransactions on Networking, 16, 562{575.

[48] Peng, T. , Leckie, C. , and Ramamohanarao, K. (2003) Detectingdistributed denial of service attacks by sharing distributed belief.Lecture Notes in Computer Science, 2727, 214{225.

[49] Cetnarowicz, K. and Rojek, G. (2004) Behavior based detectionof unfavourable resource. Lecture Notes in Computer Science, 3038,607{614.

[50] Seo, H. S. and Cho, T. H. (2002) Modeling and simulation fordetecting a distributed denial of service attack. Proceedings ofAustralian Joint Conference on Arti ˉ cial Intelligence (AI'02) , 16-21September.

[51] Gelenbe, E. (1993) Learning in the recurrent random neuralnetwork. Neural Computation, 5, 154{164.

[52] Hussain, A. , Heidemann, J. , and Papadopoulos, C. (2003) Aframework for classifying denial of ser- vice attacks. Proceedings ofconference on Appli- cations, technologies, architectures, and protocolsfor computer communications (SIGCOMM'03) , Karlsruhe, Germany, 25-29August, pp. 99{110. ACM, New York, NY, USA.

[53] Gelenbe, E. , Lent, R. , and Nunez, A. (2004) Self-awarenetworks and QoS. Proceedings of the IEEE, 92, 1478{ 1489.

[54] Jing, S. , Wang, H. , and Shin, K. (2003) Hop-count ˉ ltering ane?ective defense against spoofed tra±c. Proceedings of InternationalConference on Computer and Communications Security (CCS'03) , Washington,DC, USA, 27-30 October, pp. 30{41. ACM, New York, NY,

USA.

[55] Kim, Y. , Lau, W. , Chuah, M. , and Chao, H. (2006) PacketScore:A statistics-based packet ˉ ltering scheme against distributed denial-of-service attacks. IEEE Transactions on Dependable and Secure Computing,3(2) , 141 {155.

[56] Ayres, P. , Sun, H. , Chao, H. , and Lau, W. (2006) ALPi: a DDoSdefence system for high-speed networks. IEEE Journal of Selected Areasin Communications, 24(10) , 1864{1876. [57] Sisalem, D. , Kuthan, J. , andEhlert, S. (2006) Denial of service attacks targeting a sip voipinfrastructure: attack scenarios and prevention mechanisms. IEEE Network,20, 26{31.

[58] Jung, J. , Krishnamurthy, B. , and Rabinovich, M. (2002) Flashcrowds and denial of service attacks: characterization and implications

for CDNs and web sites. Proceedings of conference on World Wide Web(WWW'02) , Honolulu, Hawai i, USA, 7-11 May, pp. 553{561. ACM, New York,NY, USA.

[59] Morein, W. G. , Stavrou, A. , Cook, D. L. , Keromytis, A. D. ,Misra, V. , and Rubenstein, D. (2003) Using graphic turing tests tocounter automated DDoS attacks against web servers. Proceedings ofConference on Computer and Communications Security (CCS'03) , Washington,DC, USA, 27-30 October, pp. 8{19. ACM, New York, NY, USA.

[60] Kandula, S. , Katabi, D. , Jacob, M. , and Berger, A. (2005)Botz-4-sale: surviving organized DDoS attacks that mimic ° ash crowds.Proceedings of Symposium on Networked Systems Design & Implementation(NDSI'05) , Houston, TX, USA, 4-6 April, pp. 287{300. USENIX Association,Berkeley, CA, USA.

[61] Mori, G. and Malik, J. (2003) Recognizing objects inadversarial clutter - breaking a visual captcha. Proceedings of

Conference on Computer Vision and Pattern Recognition (CVPR'03) , Madison,Wisconsin, USA, 16-22 June, pp. 134{141.

[62] Gao, Z. and Ansari, N. (2006) Di?erentiating malicious DDoSattack tra±c from normal TCP ° ows by proactive tests. CommunicationLetters, 10(11) , 793{ 795.

[63] Thomas, R. , Mark, B. , Johnson, T. , and Croall, J. (2003)Netbouncer: client-legitimacy-based high-performance DDoS ˉ ltering.Proceedings of Information Survivability Conference and Exposition(DISCEX-III) , Washington, DC, USA, 22-24 April, pp. 14{25. DARPA,Arlington, VA, USA.