TY - JOUR AU - Kent, S. PY - 2000 DA - 2000// TI - On the trail of intrusions into information systems JO - IEEE Spectrum VL - 37 UR - https://doi.org/10.1109/6.887597 DO - 10.1109/6.887597 ID - Kent2000 ER - TY - CHAP AU - Moore, D. AU - Voelker, G. AU - Savage, S. PY - 2001 DA - 2001// TI - Inferring internet denial of service activity BT - Proceedings of the 10th USENIX Security Symposium ID - Moore2001 ER - TY - JOUR AU - Paxson, V. PY - 1999 DA - 1999// TI - Bro: a system for detecting network intruders in real-time JO - IEEE Computer Networks VL - 31 UR - https://doi.org/10.1016/S1389-1286(99)00112-7 DO - 10.1016/S1389-1286(99)00112-7 ID - Paxson1999 ER - TY - CHAP AU - Roesch, M. PY - 1999 DA - 1999// TI - Snort-lightweight intrusion detection for networks BT - Proceedings of the USENIX LISA Conference on System Administration ID - Roesch1999 ER - TY - JOUR AU - Staniford, S. AU - Hoagland, J. A. AU - McAlerney, J. M. PY - 2002 DA - 2002// TI - Practical automated detection of stealthy portscans JO - Journal of Computer Security VL - 10 UR - https://doi.org/10.3233/JCS-2002-101-205 DO - 10.3233/JCS-2002-101-205 ID - Staniford2002 ER - TY - BOOK AU - Basseville, M. AU - Nikiforov, I. PY - 1993 DA - 1993// TI - Detection of Abrupt Changes: Theory and Application PB - Prentice Hall CY - Englewood Cliffs, NJ, USA ID - Basseville1993 ER - TY - JOUR AU - Wang, H. AU - Zhang, D. AU - Shin, K. G. PY - 2004 DA - 2004// TI - Change-point monitoring for the detection of DoS attacks JO - IEEE Transactions on Dependable and Secure Computing VL - 1 UR - https://doi.org/10.1109/TDSC.2004.34 DO - 10.1109/TDSC.2004.34 ID - Wang2004 ER - TY - JOUR AU - Siris, V. A. AU - Papagalou, F. PY - 2004 DA - 2004// TI - Application of anomaly detection algorithms for detecting SYN flooding attacks JO - Proceedings of the IEEE Global Telecommunications Conference (GLOBECOM '04), November- VL - 4 UR - https://doi.org/10.1109/GLOCOM.2004.1378372 DO - 10.1109/GLOCOM.2004.1378372 ID - Siris2004 ER - TY - CHAP AU - Wong, C. AU - Bielski, S. AU - McCune, J. M. AU - Wang, C. PY - 2004 DA - 2004// TI - A study of mass-mailing worms BT - Proceedings of the ACM CCS Workshop on Rapid Malcode (WORM '04) ID - Wong2004 ER - TY - CHAP AU - Whyte, D. AU - Kranakis, E. AU - van Oorschot, P. C. PY - 2005 DA - 2005// TI - DNS-based detection of scanning worms in an enterprise network BT - Proceedings of the 12th Annual Network and Distributed System Security Symposium (NDSS '05) ID - Whyte2005 ER - TY - CHAP AU - Whyte, D. AU - Kranakis, E. AU - van Oorschot, P. C. PY - 2005 DA - 2005// TI - ARP-based detection of scanning worms within an enterprise network BT - Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC '05) ID - Whyte2005 ER - TY - CHAP AU - Mirkovic, J. AU - Prier, G. AU - Reiher, P. L. PY - 2002 DA - 2002// TI - Attacking DDoS at the source BT - Proceedings of the IEEE International Conference on Network Protocols (ICNP '02) ID - Mirkovic2002 ER - TY - JOUR AU - Shah, K. AU - Bohacek, S. AU - Jonckheere, E. PY - 2003 DA - 2003// TI - On the predictability of data network traffic JO - Proceedings of the American Control Conference (ACC '03) VL - 2 ID - Shah2003 ER - TY - JOUR AU - Wallace, C. S. AU - Dowe, D. L. PY - 1999 DA - 1999// TI - Minimum message length and Kolmogorov complexity JO - The Computer Journal VL - 42 UR - https://doi.org/10.1093/comjnl/42.4.270 DO - 10.1093/comjnl/42.4.270 ID - Wallace1999 ER - TY - JOUR AU - Jonckheere, E. AU - Helton, J. PY - 1985 DA - 1985// TI - Power spectrum reduction by optimal hankel norm approximation of the phase of the outer spectral factor JO - IEEE Transactions on Automatic Control VL - 30 UR - https://doi.org/10.1109/TAC.1985.1103864 DO - 10.1109/TAC.1985.1103864 ID - Jonckheere1985 ER - TY - JOUR AU - Zvonkin, A. AU - Levin, L. PY - 1970 DA - 1970// TI - The complexity of finite objects and the development of the concepts of information and randomness by means of the theory of algorithms JO - Russian Mathematical Surveys VL - 25 UR - https://doi.org/10.1070/RM1970v025n06ABEH001269 DO - 10.1070/RM1970v025n06ABEH001269 ID - Zvonkin1970 ER - TY - JOUR AU - Sow, D. M. AU - Eleftheriadis, A. PY - 2003 DA - 2003// TI - Complexity distortion theory JO - IEEE Transactions on Information Theory VL - 49 UR - https://doi.org/10.1109/TIT.2002.808135 DO - 10.1109/TIT.2002.808135 ID - Sow2003 ER - TY - BOOK AU - Manin, Y. I. PY - 1977 DA - 1977// TI - A Course in Mathematical Logic PB - Springer CY - New York, NY, USA UR - https://doi.org/10.1007/978-1-4757-4385-2 DO - 10.1007/978-1-4757-4385-2 ID - Manin1977 ER - TY - JOUR AU - Akaike, H. PY - 1975 DA - 1975// TI - Markovian representation of stochastic processes by canonical variables JO - SIAM Journal on Control VL - 13 UR - https://doi.org/10.1137/0313010 DO - 10.1137/0313010 ID - Akaike1975 ER - TY - JOUR AU - Breiman, L. AU - Friedman, J. H. PY - 1985 DA - 1985// TI - Estimating optimal transformations for multiple regression and correlation JO - Journal of the American Statistical Association VL - 80 UR - https://doi.org/10.1080/01621459.1985.10478157 DO - 10.1080/01621459.1985.10478157 ID - Breiman1985 ER - TY - BOOK AU - Sipser, M. PY - 1997 DA - 1997// TI - Introduction to the Theory of Computation PB - PWS CY - Boston, Mass, USA ID - Sipser1997 ER - TY - BOOK AU - Nemytskii, V. V. AU - Stepanov, V. V. PY - 1989 DA - 1989// TI - Qualitative Theory of Differential Equations PB - Dover CY - New York, NY, USA ID - Nemytskii1989 ER - TY - JOUR AU - Brini, F. AU - Siboni, S. AU - Turchetti, G. AU - Vaienti, S. PY - 1997 DA - 1997// TI - Decay of correlations for the automorphism of the torus JO - Nonlinearity VL - 10 UR - https://doi.org/10.1088/0951-7715/10/5/012 DO - 10.1088/0951-7715/10/5/012 ID - Brini1997 ER - TY - STD TI - Haydn N, Jonckheere EA: On mutual information.https://doi.org/eudoxus.usc.edu/CHAOS/traffic.html UR - http://eudoxus.usc.edu/CHAOS/traffic.html ID - ref24 ER - TY - BOOK AU - Stallings, W. PY - 1998 DA - 1998// TI - High-Speed Networks TCP/IP and ATM Design Principles PB - Prentice Hall CY - Englewood Cliffs, NJ, USA ID - Stallings1998 ER - TY - JOUR AU - Crovella, M. E. AU - Bestavros, A. PY - 1997 DA - 1997// TI - Self-similarity in world wide web traffic: evidence and possible causes JO - IEEE/ACM Transactions on Networking VL - 5 UR - https://doi.org/10.1109/90.650143 DO - 10.1109/90.650143 ID - Crovella1997 ER - TY - CHAP AU - Feldmann, A. AU - Gilbert, A. C. AU - Willinger, W. PY - 1998 DA - 1998// TI - Data networks as cascades: investigating the multifractal nature of Internet WAN traffic BT - Proceedings of the ACM Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication (SIGCOMM '98), August- ID - Feldmann1998 ER - TY - STD TI - Liu NX, Baras JS: On scaling property of network traffic in small scales. submitted to Computer Networks ID - ref28 ER - TY - STD TI - https://doi.org/www.isi.edu/nsnam UR - http://www.isi.edu/nsnam ID - ref29 ER - TY - JOUR AU - Denning, D. E. PY - 1987 DA - 1987// TI - An intrusion detection model JO - IEEE Transactions on Software Engineering VL - 13 UR - https://doi.org/10.1109/TSE.1987.232894 DO - 10.1109/TSE.1987.232894 ID - Denning1987 ER - TY - CHAP AU - Ghosh, A. AU - Wanken, J. AU - Charron, F. PY - 1998 DA - 1998// TI - Detection anomalous and unknown intrusions agains programs BT - Proceedings of the 14th Annual Computer Security Applications Conference (ACSAC '98), Decemeber ID - Ghosh1998 ER - TY - CHAP AU - Javitz, H. S. AU - Valdes, A. PY - 1991 DA - 1991// TI - The SRI IDES statistical anomaly detector BT - Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy UR - https://doi.org/10.1109/RISP.1991.130799 DO - 10.1109/RISP.1991.130799 ID - Javitz1991 ER - TY - CHAP AU - Ko, C. AU - Ruschitzka, M. AU - Levitt, K. PY - 1997 DA - 1997// TI - Execution monitoring of security-critical programs in distributed systems: a specification-based approach BT - Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy ID - Ko1997 ER - TY - CHAP AU - Lane, T. AU - Brodley, C. E. PY - 1998 DA - 1998// TI - Temporal sequence learning and data reduction for anomaly detection BT - Proceedings of the 5th ACM Conference on Computer and Communications Security (CCS '98) UR - https://doi.org/10.1145/288090.288122 DO - 10.1145/288090.288122 ID - Lane1998 ER - TY - CHAP AU - Lee, W. AU - Stolfo, S. PY - 1999 DA - 1999// TI - A framework for constructing features and models for intrusion detection systems BT - Proceedings of the 5th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining ID - Lee1999 ER - TY - CHAP AU - Forrest, S. AU - Hofmeyr, S. A. AU - Somayaji, A. AU - Longstaff, T. A. PY - 1996 DA - 1996// TI - A sense of self for unix processes BT - Proceedings of the IEEE Symposium on Security and Privacy ID - Forrest1996 ER - TY - CHAP AU - Anderson, R. AU - Khattak, A. PY - 1998 DA - 1998// TI - The use of information retrieval techniques for intrusion detection BT - Proceedings of the 1st International Workshop on the Recent Advances in Intrusion Detection (RAID '98) ID - Anderson1998 ER - TY - CHAP AU - Teng, H. S. AU - Chen, K. AU - Lu, S. C. -. Y. PY - 1990 DA - 1990// TI - Adaptive real-time anomaly detection using inductively generated sequential patterns BT - Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy UR - https://doi.org/10.1109/RISP.1990.63857 DO - 10.1109/RISP.1990.63857 ID - Teng1990 ER - TY - CHAP AU - Lunt, T. AU - Tamaru, A. AU - Gilham, F. PY - 1992 DA - 1992// BT - A real-time intrusion detection expert system (IDES) PB - Computer Science Laboratory, SRI International CY - Menlo Park, Calif, USA ID - Lunt1992 ER - TY - CHAP AU - Blazek, R. B. AU - Kim, H. AU - Rozovskii, B. AU - Tartakovsky, A. PY - 2001 DA - 2001// TI - A novel approach to detection of denial-of service attacks via adaptive sequential and batch sequential change-point detection methods BT - Proceedings of the 2nd Annual IEEE Systems, Man, and Cybernetics Information Assurance Workshop ID - Blazek2001 ER - TY - JOUR AU - Wang, H. AU - Zhang, D. AU - Shin, K. PY - 2002 DA - 2002// TI - Detecting SYN flooding attacks JO - Proceedings of the 21st Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM '02) VL - 3 ID - Wang2002 ER - TY - JOUR AU - Alarcon-Aquino, V. AU - Barria, J. A. PY - 2001 DA - 2001// TI - Anomaly detection in communication networks using wavelets JO - IEE Proceedings: Communications VL - 148 UR - https://doi.org/10.1049/ip-com:20010659 DO - 10.1049/ip-com:20010659 ID - Alarcon-Aquino2001 ER - TY - JOUR AU - Thottan, M. AU - Ji, C. PY - 2003 DA - 2003// TI - Anomaly detection in IP networks JO - IEEE Transactions on Signal Processing VL - 51 UR - https://doi.org/10.1109/TSP.2003.814797 DO - 10.1109/TSP.2003.814797 ID - Thottan2003 ER - TY - CHAP AU - Barford, P. AU - Kline, J. AU - Plonka, D. AU - Ron, A. PY - 2002 DA - 2002// TI - A signal analysis of network traffic anomalies BT - Proceedings of the 2nd ACM SIGCOMM Internet Measurement Workshop (IMW '02) UR - https://doi.org/10.1145/637201.637210 DO - 10.1145/637201.637210 ID - Barford2002 ER - TY - JOUR AU - Cheng, C. -. M. AU - Kung, H. T. AU - Tan, K. -. S. PY - 2002 DA - 2002// TI - Use of spectral analysis in defense against DoS attacks JO - Proceedings of the IEEE Global Telecommunications Conference (GLOBECOM '02) VL - 3 ID - Cheng2002 ER - TY - CHAP AU - Hussain, A. AU - Heidemann, J. AU - Papadopoulos, C. PY - 2003 DA - 2003// TI - A framework for classifying denial of service attacks BT - Proceedings of the ACM Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM '03) ID - Hussain2003 ER - TY - CHAP AU - Partridge, C. AU - Cousins, D. AU - Jackson, A. AU - Krishnan, R. AU - Saxena, T. AU - Strayer, W. T. PY - 2002 DA - 2002// TI - Using signal processing to analyze wireless data traffic BT - Proceedings of the ACM Workshop on Wireless Security ID - Partridge2002 ER - TY - JOUR AU - Zhang, Z. -. L. AU - Ribeiro, V. AU - Moon, S. AU - Diot, C. PY - 2003 DA - 2003// TI - Small-time scaling behaviors of Internet backbone traffic: an empirical study JO - Proceedings of the 22nd Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM '03), March- VL - 3 ID - Zhang2003 ER - TY - CHAP AU - Evans, S. AU - Bush, S. F. AU - Hershey, J. PY - 2001 DA - 2001// TI - Information assurance through Kolmogorov complexity BT - Proceedings of the 2nd DARPA Information Survivability Conference and Exposition II (DISCEX-II '01) ID - Evans2001 ER - TY - BOOK AU - Samoradnitsky, G. AU - Taqqu, M. S. PY - 1994 DA - 1994// TI - Stable Non-Gaussian Random Processes, Stochastic Models with Infinite Variance PB - Hall CY - New York, NY, USA ID - Samoradnitsky1994 ER - TY - CHAP AU - Jonckheere, E. AU - Wu, B. -. F. PY - 1992 DA - 1992// TI - Mutual Kolmogorov-Sinai entropy approach to nonlinear estimation BT - Proceedings of the IEEE Conference on Decision and Control ID - Jonckheere1992 ER - TY - BOOK AU - Kullback, S. PY - 1968 DA - 1968// TI - Information Theory and Statistics PB - Dover CY - New York, NY, USA ID - Kullback1968 ER - TY - STD TI - Wu BF: Identification and control of chaotic processes—the Kolmogorov-Sinai entropy approach, Ph.D. dissertation. ID - ref53 ER - TY - CHAP AU - Larimore, W. E. PY - 1991 DA - 1991// TI - Identification and filtering of nonlinear systems using canonical variate analysis BT - Nonlinear Modeling and Forecasting, SFI Studies in the Sciences of Complexity PB - Addison-Wesley CY - Reading, Mass, USA ID - Larimore1991 ER - TY - JOUR AU - Leland, W. AU - Taqqu, M. AU - Willinger, W. AU - Wilson, D. PY - 1994 DA - 1994// TI - On the self-similar nature of Ethernet traffic (extended version) JO - IEEE/ACM Transactions on Networking VL - 2 UR - https://doi.org/10.1109/90.282603 DO - 10.1109/90.282603 ID - Leland1994 ER - TY - JOUR AU - Pruthi, P. AU - Erramilli, A. PY - 1995 DA - 1995// TI - Heavy-tailed ON/OFF source behavior and self-similar traffic JO - IEEE International Conference on Communications VL - 1 ID - Pruthi1995 ER - TY - STD TI - CERT : CERT advisory CA-96.01: UDP port denial-of-service attack.https://doi.org/info.cert.org/pub/cert_advisories/ca-96.01.udp_service_denial UR - ftp://info.cert.org/pub/cert_advisories/ca-96.01.udp_service_denial ID - ref57 ER - TY - STD TI - ERT Coordination Center : Overview of attack trends.https://doi.org/www.cert.org/archive/pdf/attacktrends.pdf UR - http://www.cert.org/archive/pdf/attacktrends.pdf ID - ref58 ER -