References
1. A. Sperotto, G. Schaffrath, R. Sadre, C. Morariu, A. Pras, B. Stiller, “An overview of IP flow-based intrusion detection,” Communications Surveys & Tutorials, IEEE, vol.12, no.3, pp.343-356, Third Quarter 2010
2. V. Engen, “Machine learning for network based intrusion detection: an investigation into discrepancies in findings with the KDD cup '99 data set and multi-objective evolution of neural network classifier ensembles from imbalanced data,” PhD Thesis, Bournemouth University, 2010
3. P. Vahdani Amoli, A.R. Ghobadi, G. Taherzadeh, R. Karimi, S. Maham, “New Detection Technique Using Correlation of NetworkM. H. Bhuyan, D. K. Bhattacharyya, J. K. Kalita. “An effective unsupervised network anomaly detection method,” In Proceedings of the International Conference on Advances in Computing, Communications and Informatics (ICACCI '12). ACM, pp.533-539, New York, NY, USA, 2012
4. A. Lakhina, M. Crovella, C. Diot, “Characterization of network-wide anomalies in traffic flows,” Proc. of the 4th ACM SIGCOMM conference on Internet
5. G. Tedesco, U. Aickelin, “An Immune Inspired Network Intrusion Detection System Utilising Correlation Context,” Proceedings of the Workshop on Artificial Immune Systems and Immune System Modelling (AISB '06), Bristol, 2006
6. T. Peng, C. Leckie, K. Ramamohanarao, “Proactively Detecting Distributed Denial of Service Attacks Using Source IP Address Monitoring,” Proceedings of the Third International IFIP-TC6 Networking Conference (Networking 2004), pp.771-782, 2004
7. A.L. Mark, M. Crovella, C. Diot, “Characterization of Network-Wide Anomalies in Traffic Flows,” IMC '04 Proceedings of the 4th ACM SIGCOMM conference on Internet measurement, pp.201-206, New York, NY, USA, 2004
8. B. Claise, “Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information,” RFC 5101 (Proposed Standard), [Online]. Available: http://www.ietf.org/rfc/rfc5101.txt, Jan. 2012
9. R. Koch, G.D. Rodosek, "Security System for Encrypted Environments (S2E2)," RAID 2010, LNCS, vol. 6306, pp.505-507, Springer, Heidelberg, 2010
10. R. Koch, G.D. Rodosek, "Command Evaluation in Encrypted Remote Sessions," Network and System Security (NSS), 2010 4th International Conference on, pp.299-305, 1-3 Sept. 2010
11. M. Augustin, A. Balaz, "Intrusion detection with early recognition of encrypted application," Intelligent Engineering Systems (INES), 2011 15th IEEE International Conference on, pp.245-247, 23-25 June 2011
12. F. Alserhani, M. Akhlaq, I.U. Awan, A.J. Cullen, P. Mirchandani, "MARS: Multi-stage Attack Recognition System," Advanced Information Networking and Applications (AINA), 2010 24th IEEE International Conference on, pp.753-759, 20-23 April 2010
13. P. García-Teodoro, J. Díaz-Verdejo, G. Maciá-Fernández, E. Vázquez, “Anomaly-based network intrusion detection: Techniques, systems and challenges,” Computers & Security, vol. 28, Issues 1–2, pp. 18-28, February–March 2009
14. M.N.M. Sap, A.H. Abdullah, S. Srinoy, S. Chimphle, W. Chimphle, “Anomaly Intrusion Detection Using Fuzzy Clustering Methods,” Jurnal Teknologi Maklumat, FSKSM, UTM, Jurnal Teknologi Maklumat, vol.18, pp.25-32, 2006
15. T.P. Fries, “A Fuzzy-Genetic Approach to Network Intrusion Detection,” Proceedings of the 2008 GECCO conference companion on Genetic and evolutionary computation, Atlanta, GA, USA, pp.2141-2146, 2008
16. T.T.T. Nguyen, G. Armitage, "A survey of techniques for internet traffic classification using machine learning," Communications Surveys & Tutorials, IEEE, vol.10, no.4, pp.56-76, Fourth Quarter 2008
17. M. H. Bhuyan, D. K. Bhattacharyya, J. K. Kalita. “An effective unsupervised network anomaly detection method,” In Proceedings of the International Conference on Advances in Computing, Communications and Informatics (ICACCI '12). ACM, pp.533-539, New York, NY, USA, 2012
18. H.R. Zeidanloo, Bt Manaf, P. Vahdani Amoli, F. Tabatabaei, M. Zamani, “Botnet Detection Based on Traffic Monitoring,” International Conference on Networking and Information Technology (ICNIT), pp.97-101, Manila, Philippines, 2010
19. H.R. Zeidanloo, M.J.Z. Shooshtari, P. Vahdani Amoli, M. Safari, M. Zamani, “A taxonomy of Botnet detection techniques,” 3rd IEEE International Conference on Computer Science and Information Technology (ICCSIT), vol.2, pp.158-162, Chengdu, China, 2010
20. H.R. Zeidanloo, F. Tabatabaei, P. Vahdani Amoli, A. Tajpour, “All about Malwares (Malicious Codes),” Proceedings of the 2010 International Conference on Security Management, SAM 2010, pp.342-348, Las Vegas Nevada, USA, 2010
21. F.F. Etemad, P. Vahdani Amoli, “Real-Time Botnet Command and Control Characterization at the Host Level,” 6th International Symposium on Telecommunication with emphasis on Information and Communication Technology (IST’2012), Tehran, Iran, 2012
22. A. Karasaridis, B. Rexroad, D. Hoeflin, “Wide-scale botnet detection and characterization,” Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets, pp.7-7, Cambridge, MA, USA, 2007
23. H.C. Lin, C.M. Chen, J.Y. Tzeng, "Flow Based Botnet Detection," Innovative Computing, Information and Control (ICICIC), 2009 Fourth International Conference on, pp.1538-1541, 2009
24. W. Hong, G. Zhenghu, G. Qing, Wang Baosheng, "Detection Network Anomalies Based on Packet and Flow Analysis," Seventh International Conference on Networking, 2008. ICN 2008., pp.497-502, 2008
25. Y. Waizumi, H. Tsunoda, M. Tsuji, Y. Nemoto, "A Multi-Stage Network Anomaly Detection Method for Improving Efficiency and Accuracy," Journal of Information Security, vol.3 no. 1, pp.18-24, 2012
26. M. Amini, R. Jalili, H.R. Shahriari, “RT-UNNID: A practical solution to real-time network-based intrusion detection using unsupervised neural networks,” Computers and Security, Elsevier Inc, vol.25, Issue 6, pp.459-468, 2006
27. P. Casas, J. Mazel, P. Owezarski, “Unsupervised Network Intrusion Detection Systems: Detecting the Unknown without Knowledge,” Computer Communications, vol.35, Issue 7, pp.772-783, 2012
28. G. Cormode, S. Muthukrishnan, “What's new: finding significant differences in network data streams,” IEEE/ACM Transactions on Networking (TON), vol.13, Issue 6, pp.1219-1232, 2005
29. Cisco.com, “Cisco IOS NetFlow Configuration Guide, Release 12.4,” http://www.cisco.com, Sep. 2012
30. M. Ester, H.P. Kriegel, J. Sander, X. Xu, "A density-based algorithm for discovering clusters in large spatial databases with noise," Proceedings of the Second International Conference on Knowledge Discovery and Data Mining (KDD-96), AAAI Press. pp.226–23, 1996
31. P.C. Mahalanobis, "On the generalised distance in statistics," Proceedings of the National Institute of Sciences of India 2 (1): pp.49–55, 1936
32. M. Tavallaee, E. Bagheri, Lu Wei, A.A. Ghorbani, "A detailed analysis of the KDD CUP 99 data set," Computational Intelligence for Security and Defense Applications, CISDA 2009. IEEE Symposium on, pp.1,6, 8-10 July 2009
33. A. Shiravi, H. Shiravi, M. Tavallaee, A. A. Ghorbani, Toward developing a systematic approach to generate benchmark datasets for intrusion detection, Computers & Security, vol.31, Issue 3, May 2012, pp.357-374, ISSN 0167-4048, 2012