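@article{8736331,
author = {Yang, Jin and Li, Tao and Liang, Gang and He, Wenbo and Zhao, Yue},
title = {A Simple Recurrent Unit Model Based Intrusion Detection System With {DCGAN}},
journal = {IEEE Access},
year = {2019},
pages = {83286--83296}
}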
@article{ahmad2021network,
title = {Network intrusion detection system: A systematic study of machine learning and deep learning approaches},
author = {Ahmad, Zeeshan and Shahid Khan, Adnan and Wai Shiang, Cheah and Abdullah, Johari and Ahmad, Farhan},
journal = {Transactions on Emerging Telecommunications Technologies},
year = {2021}
}
@inproceedings{andoni2006near,
title = {Near-optimal hashing algorithms for approximate nearest neighbor in high dimensions},
author = {Andoni, Alexandr and Indyk, Piotr},
booktitle = {2006 47th annual IEEE symposium on foundations of computer science (FOCS'06)},
pages = {459--468},
year = {2006}
}
@article{aslani2020fast,
title = {A fast instance selection method for support vector machines in building extraction},
author = {Aslani, Mohammad and Seipel, Stefan},
journal = {Applied Soft Computing},
year = {2020}
}
@article{axelsson2000base,
title = {The base-rate fallacy and the difficulty of intrusion detection},
author = {Axelsson, Stefan},
journal = {ACM Transactions on Information and System Security (TISSEC)},
year = {2000}
}
@inproceedings{baldini2021intrusion,
title = {An Intrusion Detection System implemented with Instance Selection based on Locality Sensitive Hashing for Data Reduction},
author = {Baldini, Gianmarco and Hernandez-Ramos, Jose L},
booktitle = {European Wireless 2021; 26th European Wireless Conference},
pages = {1--6},
year = {2021}
}
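@phdthesis{beer_hybrid2021,
author = {Beer, Frank},
title = {A Hybrid Flow-based Intrusion Detection System Incorporating Uncertainty},
school = {University of Kassel},
year = {2021}
}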
@inproceedings{bingham2001random,
title = {Random projection in dimensionality reduction: applications to image and text data},
author = {Bingham, Ella and Mannila, Heikki},
booktitle = {Proceedings of the seventh ACM SIGKDD international conference on Knowledge discovery and data mining},
pages = {245--250},
year = {2001}
}
@book{bis_2006,
author = {Bishop, Christopher M.},
title = {Pattern recognition and machine learning},
publisher = {Springer},
year = {2006}
}
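@inproceedings{blum2005random,
title = {Random projection, margins, kernels, and feature-selection},
author = {Blum, Avrim},
booktitle = {International Statistical and Optimization Perspectives Workshop ``Subspace, Latent Structure and Feature Selection''},
pages = {52--68},
year = {2005}
}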
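@article{bor_2003,
author = {Borsboom, Denny and Mellenbergh, Gideon J. and van Heerden, Jaap},
title = {The theoretical status of latent variables},
journal = {Psychological Review},
year = {2003}
}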
@article{breiman2001random,
title = {Random forests},
author = {Breiman, Leo},
journal = {Machine learning},
year = {2001}
}
@article{breitinger2014approximate,
title = {Approximate matching: definition and terminology},
author = {Breitinger, Frank and Guttman, Barbara and McCarrin, Michael and Roussev, Vassil and White, Douglas and others},
journal = {NIST Special Publication},
year = {2014}
}
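@misc{Bye2008,
author = {Bye, Rainer and Albayrak, Sahin},
title = {{CIMD} -- {Collaborative} {Intrusion} and {Malware} {Detection}},
year = {2008}
}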
@article{cambiaso2013slow,
title = {Slow DoS attacks: definition and categorisation},
author = {Cambiaso, Enrico and Papaleo, Gianluca and Chiola, Giovanni and Aiello, Maurizio},
journal = {International Journal of Trust Management in Computing and Communications},
year = {2013}
}
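@inproceedings{charikar2002similarity,
title = {Similarity estimation techniques from rounding algorithms},
author = {Charikar, Moses S.},
booktitle = {Proceedings of the thirty-fourth annual {ACM} symposium on Theory of computing},
pages = {380--388},
year = {2002}
}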
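@inproceedings{che_2003,
author = {Cheung, S. and Lindqvist, U. and Fong, M. W.},
title = {Modeling multistep cyber attacks for scenario recognition},
booktitle = {Proceedings {DARPA} {Information} {Survivability} {Conference} and {Exposition}},
year = {2003}
}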
@incollection{chow_data_2010,
title = {Data {Fingerprinting} with {Similarity} {Digests}},
booktitle = {Advances in {Digital} {Forensics} {VI}},
publisher = {Springer Berlin Heidelberg},
author = {Roussev, Vassil},
year = {2010},
pages = {207--226}
}
@inproceedings{clark1988design,
title = {The design philosophy of the DARPA Internet protocols},
author = {Clark, David},
booktitle = {Symposium proceedings on Communications architectures and protocols},
pages = {106--114},
year = {1988}
}
@book{cormen2022introduction,
title = {Introduction to algorithms},
author = {Cormen, Thomas H and Leiserson, Charles E and Rivest, Ronald L and Stein, Clifford},
year = {2022},
publisher = {MIT press}
}
@dataset{cse-cic-ids-2018,
title = {{A Realistic Cyber Defense Dataset (CSE-CIC-IDS2018)}},
author = {{Communications Security Establishment (CSE) and Canadian Institute for Cybersecurity (CIC)}},
year = {2018},
url = {https://registry.opendata.aws/cse-cic-ids2018},
urldate = {2022-02-08}
}
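@inproceedings{Cuppens2002,
author = {Cuppens, F. and Miege, A.},
title = {Alert correlation in a cooperative intrusion detection framework},
booktitle = {Proceedings 2002 {IEEE} Symposium on Security and Privacy},
year = {2002},
pages = {202--215}
}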
@article{Dash2006,
author = {Dash, Denver and Kveton, Branislav and Agosta, John Mark and Schooler, Eve and Chandrashekar, Jaideep and Bachrach, Abraham and Newman, Alex},
title = {{When Gossip is Good: Distributed Probabilistic Inference for Detection of Slow Network Intrusions}},
journal = {AAAI National Conference on Artificial Intelligence},
year = {2006}
}
@inproceedings{datar_locality-sensitive_2004,
title = {Locality-sensitive hashing scheme based on p-stable distributions},
booktitle = {Proceedings of the twentieth annual symposium on {Computational} geometry - {SCG} '04},
publisher = {ACM Press},
author = {Datar, Mayur and Immorlica, Nicole and Indyk, Piotr and Mirrokni, Vahab S.},
year = {2004},
pages = {253}
}
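@techreport{debar2007intrusion,
title = {The intrusion detection message exchange format ({IDMEF})},
author = {Debar, Herv{\'e} and Curry, David and Feinstein, Benjamin},
institution = {{Internet Engineering Task Force}},
type = {RFC},
number = {4765},
url = {https://www.rfc-editor.org/rfc/rfc4765},
urldate = {2022-09-10},
year = {2007}
}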
@book{dei_2020,
author = {Deisenroth, Marc Peter and Faisal, A. Aldo and Ong, Cheng Soon},
title = {Mathematics for machine learning},
publisher = {Cambridge University Press},
year = {2020}
}
@article{denning1987intrusion,
title = {An intrusion-detection model},
author = {Denning, Dorothy E},
journal = {IEEE Transactions on software engineering},
year = {1987}
}
@article{DEPREN2005713,
title = {An intelligent intrusion detection system (IDS) for anomaly and misuse detection in computer networks},
journal = {Expert Systems with Applications},
year = {2005},
author = {Ozgur Depren and Murat Topallar and Emin Anarim and M. Kemal Ciliz}
}
@inproceedings{dreger2004operational,
title = {Operational experiences with high-volume network intrusion detection},
author = {Dreger, Holger and Feldmann, Anja and Paxson, Vern and Sommer, Robin},
booktitle = {Proceedings of the 11th ACM conference on Computer and communications security},
pages = {2--11},
year = {2004}
}
@article{Duma2006,
author = {Duma, Claudiu and Karresand, Martin and Shahmehri, Nahid and Caronni, Germano},
title = {{A Trust-Aware, P2P-Based Overlay for Intrusion Detection}},
journal = {International Workshop on Database and Expert Systems Applications},
year = {2006}
}
@inproceedings{dy2000feature,
title = {Feature subset selection and order identification for unsupervised learning},
author = {Dy, Jennifer G and Brodley, Carla E},
booktitle = {ICML},
pages = {247--254},
year = {2000}
}
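@inproceedings{engelen2021,
author = {Engelen, Gints and Rimmer, Vera and Joosen, Wouter},
title = {Troubleshooting an Intrusion Detection Dataset: the {CICIDS2017} Case Study},
booktitle = {2021 {IEEE} Security and Privacy Workshops ({SPW})},
year = {2021},
pages = {7--12}
}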
@inproceedings{ferdowsi2019generative,
title = {Generative adversarial networks for distributed intrusion detection in the internet of things},
author = {Ferdowsi, Aidin and Saad, Walid},
booktitle = {2019 IEEE Global Communications Conference (GLOBECOM)},
pages = {1--6},
year = {2019}
}
@inproceedings{fern2003random,
title = {Random projection for high dimensional data clustering: A cluster ensemble approach},
author = {Fern, Xiaoli Z and Brodley, Carla E},
booktitle = {Proceedings of the 20th international conference on machine learning (ICML-03)},
pages = {186--193},
year = {2003}
}
@article{Fung2008,
author = {Fung, Carol J. and Baysal, Olga and Zhang, Jie and Aib, Issam and Boutaba, Raouf},
title = {{Trust Management for Host-Based Collaborative Intrusion Detection}},
journal = {Managing Large-Scale Service Deployment},
year = {2008}
}
@article{Ganesh2003,
author = {Ganesh, Ayalvadi J and Kermarrec, A-M and Massouli{\'e}, Laurent},
title = {{Peer-to-Peer Membership Management for Gossip-Based Protocols}},
journal = {IEEE Transactions on Computers},
year = {2003}
}
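@incollection{goo_2001,
author = {Debar, Herv{\'e} and Wespi, Andreas},
title = {Aggregation and {Correlation} of {Intrusion}-{Detection} {Alerts}},
booktitle = {Recent {Advances} in {Intrusion} {Detection}},
publisher = {Springer Berlin Heidelberg},
year = {2001}
}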
@incollection{goo_2001b,
author = {Valdes, Alfonso and Skinner, Keith},
title = {Probabilistic {Alert} {Correlation}},
booktitle = {Recent {Advances} in {Intrusion} {Detection}},
publisher = {Springer Berlin Heidelberg},
year = {2001}
}
@incollection{goo_2002,
author = {Porras, Phillip A. and Fong, Martin W. and Valdes, Alfonso},
title = {A {Mission}-{Impact}-{Based} {Approach} to {INFOSEC} {Alarm} {Correlation}},
booktitle = {Recent {Advances} in {Intrusion} {Detection}},
publisher = {Springer Berlin Heidelberg},
year = {2002}
}
@book{has_2009,
author = {Hastie, Trevor and Tibshirani, Robert and Friedman, J. H.},
title = {The elements of statistical learning: data mining, inference, and prediction},
publisher = {Springer},
year = {2009}
}
@article{hindy2020taxonomy,
title = {A taxonomy of network threats and the effect of current datasets on intrusion detection systems},
author = {Hindy, Hanan and Brosset, David and Bayne, Ethan and Seeam, Amar Kumar and Tachtatzis, Christos and Atkinson, Robert and Bellekens, Xavier},
journal = {IEEE Access},
year = {2020}
}
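@article{hof_2014,
author = {Hofstede, Rick and Celeda, Pavel and Trammell, Brian and Drago, Idilio and Sadre, Ramin and Sperotto, Anna and Pras, Aiko},
title = {Flow Monitoring Explained: From Packet Capture to Data Analysis With {NetFlow} and {IPFIX}},
journal = {IEEE Communications Surveys \& Tutorials},
year = {2014}
}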
@article{hofstede2018flow,
title = {Flow-based compromise detection: lessons learned},
author = {Hofstede, Rick and Pras, Aiko and Sperotto, Anna and Rodosek, Gabi Dreo},
journal = {IEEE security \& privacy},
year = {2018}
}
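@article{Hotelling1933AnalysisOA,
author = {Hotelling, Harold},
title = {Analysis of a complex of statistical variables into principal components},
journal = {Journal of Educational Psychology},
year = {1933},
pages = {498--520}
}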
@article{huang2020igan,
title = {IGAN-IDS: An imbalanced generative adversarial network towards intrusion detection system in ad-hoc networks},
author = {Huang, Shuokang and Lei, Kai},
journal = {Ad Hoc Networks},
year = {2020}
}
@incollection{hut_2004,
author = {Garcia, Joaquin and Autrel, Fabien and Borrell, Joan and Castillo, Sergio and Cuppens, Frederic and Navarro, Guillermo},
title = {Decentralized {Publish}-{Subscribe} {System} to {Prevent} {Coordinated} {Attacks} via {Alert} {Correlation}},
booktitle = {Information and {Communications} {Security}},
publisher = {Springer Berlin Heidelberg},
year = {2004}
}
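@inproceedings{indyk_approximate_1998,
author = {Indyk, Piotr and Motwani, Rajeev},
title = {Approximate nearest neighbors: towards removing the curse of dimensionality},
booktitle = {{ACM} {Symposium} on {Theory} of {Computing}},
year = {1998}
}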
@incollection{jaj_2002,
author = {Dain, Oliver and Cunningham, Robert K.},
title = {Fusing {A} {Heterogeneous} {Alert} {Stream} {Into} {Scenarios}},
booktitle = {Applications of {Data} {Mining} in {Computer} {Security}},
publisher = {Springer US},
year = {2002}
}
@book{james2013introduction,
title = {An introduction to statistical learning},
author = {James, Gareth and Witten, Daniela and Hastie, Trevor and Tibshirani, Robert},
year = {2013},
publisher = {Springer}
}
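@inproceedings{Janakiraman2003,
author = {Janakiraman, R. and Waldvogel, M. and Zhang, Qi},
title = {{Indra}: A Peer-to-Peer Approach to Network Intrusion Detection and Prevention},
booktitle = {{IEEE} International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises},
year = {2003}
}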
@book{jay_2003,
author = {Jaynes, E. T. and Bretthorst, G. Larry},
title = {Probability theory: the logic of science},
publisher = {Cambridge University Press},
year = {2003}
}
@article{jazi2017detecting,
title = {Detecting HTTP-based application layer DoS attacks on web servers in the presence of sampling},
author = {Jazi, Hossein Hadian and Gonzalez, Hugo and Stakhanova, Natalia and Ghorbani, Ali A},
journal = {Computer Networks},
pages = {25--36},
year = {2017}
}
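@dataset{kdd99,
title = {The {UCI} {KDD} Archive: {KDDCup99} Dataset},
author = {Hettich, S. and Bay, S. D.},
year = {1999},
organization = {University of California, Department of Information and Computer Science},
address = {Irvine, CA},
url = {https://kdd.ics.uci.edu/databases/kddcup99/},
urldate = {2022-09-07}
}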
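@phdthesis{kendall1999database,
title = {A database of computer attacks for the evaluation of intrusion detection systems},
author = {Kendall, Kristopher Robert},
year = {1999},
school = {Massachusetts Institute of Technology}
}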
@article{keribin2000consistent,
title = {Consistent estimation of the order of mixture models},
author = {Keribin, Christine},
journal = {Sankhy{\=a}: The Indian Journal of Statistics, Series A},
year = {2000}
}
@inproceedings{kocher2019spectre,
title = {Spectre attacks: Exploiting speculative execution},
author = {Kocher, Paul and Horn, Jann and Fogh, Anders and Genkin, Daniel and Gruss, Daniel and Haas, Werner and Hamburg, Mike and Lipp, Moritz and Mangard, Stefan and Prescher, Thomas and others},
booktitle = {2019 IEEE Symposium on Security and Privacy (SP)},
pages = {1--19},
year = {2019}
}
@article{kornblum_identifying_2006,
title = {Identifying almost identical files using context triggered piecewise hashing},
journal = {Digital Investigation},
author = {Kornblum, Jesse},
year = {2006}
}
@article{kumar2019,
title = {On cloud security requirements, threats, vulnerabilities and countermeasures: A survey},
journal = {Computer Science Review},
year = {2019},
author = {Rakesh Kumar and Rinkaj Goyal}
}
@article{lee2019ae,
title = {AE-CGAN model based high performance network intrusion detection system},
author = {Lee, JooHwa and Park, KeeHyun},
journal = {Applied Sciences},
year = {2019}
}
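@inbook{leskovec_rajaraman_ullman_2014,
author = {Leskovec, Jure and Rajaraman, Anand and Ullman, Jeffrey David},
title = {Finding Similar Items},
booktitle = {Mining of Massive Datasets},
publisher = {Cambridge University Press},
year = {2014},
pages = {68--122}
}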
@article{li2017feature,
title = {Feature selection: A data perspective},
author = {Li, Jundong and Cheng, Kewei and Wang, Suhang and Morstatter, Fred and Trevino, Robert P and Tang, Jiliang and Liu, Huan},
journal = {ACM computing surveys (CSUR)},
year = {2017}
}
@inproceedings{lin2022idsgan,
title = {Idsgan: Generative adversarial networks for attack generation against intrusion detection},
author = {Lin, Zilong and Shi, Yong and Xue, Zhi},
booktitle = {Pacific-Asia Conference on Knowledge Discovery and Data Mining},
pages = {79--91},
year = {2022}
}
@article{Locasto2005,
author = {M. E. {Locasto} and J. J. {Parekh} and A. D. {Keromytis} and S. J. {Stolfo}},
title = {{Towards Collaborative Security and P2P Intrusion Detection}},
journal = {IEEE SMC Information Assurance Workshop},
year = {2005}
}
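@thesis{ludwig_friborg_malware_2019,
title = {Malware {Classification} using {Locality} {Sensitive} {Hashing} and {Neural} {Networks}},
author = {Friborg, Ludwig and Peiser, Stefan Carl},
year = {2019},
school = {Chalmers University of Technology and University of Gothenburg}
}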
@book{lunt1992real,
title = {A real-time intrusion-detection expert system (IDES)},
author = {Lunt, Teresa F and Tamaru, Ann and Gillham, F},
year = {1992},
publisher = {SRI International. Computer Science Laboratory}
}
@article{mck_2008,
author = {McKeown, Nick and Anderson, Tom and Balakrishnan, Hari and Parulkar, Guru and Peterson, Larry and Rexford, Jennifer and Shenker, Scott and Turner, Jonathan},
title = {OpenFlow: Enabling innovation in campus networks},
journal = {Computer Communication Review},
year = {2008}
}
@article{milenkoski2015evaluating,
title = {Evaluating computer intrusion detection systems: A survey of common practices},
author = {Milenkoski, Aleksandar and Vieira, Marco and Kounev, Samuel and Avritzer, Alberto and Payne, Bryan D},
journal = {ACM Computing Surveys (CSUR)},
year = {2015}
}
@inproceedings{Miller2003,
title = {Collaborative intrusion detection system},
author = {Miller, Patrick and Inoue, Atsushi},
booktitle = {22nd International Conference of the North American Fuzzy Information Processing Society, NAFIPS 2003},
pages = {519--524},
year = {2003}
}
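@article{moia_similarity_2017,
author = {Moia, Vitor Hugo Galhardo and Henriques, Marco Aur{\'e}lio Amaral},
title = {Similarity {Digest} {Search}: {A} {Survey} and {Comparative} {Analysis} of {Strategies} to {Perform} {Known} {File} {Filtering} {Using} {Approximate} {Matching}},
journal = {Security and Communication Networks},
year = {2017}
}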
@book{montgomery_2010,
author = {Montgomery, Douglas C and Runger, George C},
title = {Applied statistics and probability for engineers},
publisher = {John Wiley \& Sons},
year = {2010}
}
@inproceedings{motwani2006lower,
title = {Lower bounds on locality sensitive hashing},
author = {Motwani, Rajeev and Naor, Assaf and Panigrahi, Rina},
booktitle = {Proceedings of the twenty-second annual symposium on Computational geometry},
pages = {154--157},
year = {2006}
}
@book{mur_2012,
author = {Murphy, Kevin P.},
title = {Machine learning: a probabilistic perspective},
publisher = {MIT Press},
year = {2012}
}
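@inproceedings{nagarkar2021exploring,
title = {Exploring State-of-the-Art Nearest Neighbor ({NN}) Search Techniques},
author = {Nagarkar, Parth and Bhattacharya, Arnab and Jafari, Omid},
booktitle = {8th {ACM} {IKDD} {CODS} and 26th {COMAD}},
pages = {443--446},
year = {2021}
}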
@article{Nguyen2019,
title = {Search: A collaborative and intelligent nids architecture for sdn-based cloud iot networks},
author = {Nguyen, Tri Gia and Phan, Trung V and Nguyen, Binh T and So-In, Chakchai and Baig, Zubair Ahmed and Sanguanpong, Surasak},
journal = {IEEE access},
year = {2019}
}
@inproceedings{nslkdd,
title = {A detailed analysis of the KDD CUP 99 data set},
author = {Tavallaee, Mahbod and Bagheri, Ebrahim and Lu, Wei and Ghorbani, Ali A},
booktitle = {2009 IEEE symposium on computational intelligence for security and defense applications},
pages = {1--6},
year = {2009}
}
@inproceedings{oliver2013tlsh,
title = {TLSH--a locality sensitive hash},
author = {Oliver, Jonathan and Cheng, Chun and Chen, Yanggui},
booktitle = {2013 Fourth Cybercrime and Trustworthy Computing Workshop},
pages = {7--13},
year = {2013}
}
@inproceedings{opricsa2014locality,
title = {Locality-sensitive hashing optimizations for fast malware clustering},
author = {Opri{\c{s}}a, Ciprian and Checiche{\c{s}}, Marius and N{\u{a}}ndrean, Adrian},
booktitle = {2014 IEEE 10th International Conference on Intelligent Computer Communication and Processing (ICCP)},
pages = {97--104},
year = {2014}
}
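@article{Perez2013,
author = {Gil P{\'e}rez, Manuel and G{\'o}mez M{\'a}rmol, F{\'e}lix and Mart{\'\i}nez P{\'e}rez, Gregorio and Skarmeta G{\'o}mez, Antonio F.},
title = {{RepCIDN}: A Reputation-Based Collaborative Intrusion Detection Network to Lessen the Impact of Malicious Alarms},
journal = {Journal of Network and Systems Management},
year = {2013}
}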
@misc{pha_2004,
author = {Peter Phaal},
title = {{sFlow Specification Version 5}},
howpublished = {\url{https://sflow.org/sflow_version_5.txt}},
note = {Accessed: 2022-08-10}
}
@article{Phillip1997,
author = {Phillip {A.} Porras and Peter {G.} Neumann},
title = {{{EMERALD:} Event Monitoring Enabling Responses to Anomalous Live Disturbances}},
journal = {National Information Systems Security Conference},
year = {1997}
}
@article{pinto2015fast,
title = {A fast incremental gaussian mixture model},
author = {Pinto, Rafael Coimbra and Engel, Paulo Martins},
journal = {PloS one},
year = {2015}
}
@article{reyes2016transition,
title = {Transition-aware human activity recognition using smartphones},
author = {Reyes-Ortiz, Jorge-L and Oneto, Luca and Sam{\`a}, Albert and Parra, Xavier and Anguita, Davide},
journal = {Neurocomputing},
year = {2016}
}
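@misc{rfc3954,
author = {Claise, Beno{\^\i}t},
title = {{Cisco Systems NetFlow Services Export Version 9}},
series = {Request for Comments},
number = {3954},
howpublished = {\url{https://rfc-editor.org/rfc/rfc3954.txt}},
note = {Accessed: 2021-03-11},
year = {2004}
}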
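@misc{rfc5101,
author = {Claise, Beno{\^\i}t},
title = {{Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information}},
series = {Request for Comments},
number = {5101},
howpublished = {\url{https://rfc-editor.org/rfc/rfc5101.txt}},
note = {Accessed: 2021-03-11},
year = {2008}
}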
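@misc{rforests_2014,
author = {Louppe, Gilles},
title = {Understanding Random Forests: From Theory to Practice},
publisher = {arXiv},
year = {2014},
eprint = {1407.7502},
eprinttype = {arXiv},
doi = {10.48550/ARXIV.1407.7502},
url = {https://arxiv.org/abs/1407.7502}
}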
@inproceedings{riquet2012large,
title = {Large-scale coordinated attacks: Impact on the cloud security},
author = {Riquet, Damien and Grimaud, Gilles and Hauspie, Micha{\"e}l},
booktitle = {2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing},
pages = {558--563},
year = {2012}
}
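@inproceedings{roesch1999snort,
title = {Snort: Lightweight intrusion detection for networks},
author = {Roesch, Martin and others},
booktitle = {{LISA}},
pages = {229--238},
year = {1999}
}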
@inproceedings{rubinstein2018hardness,
title = {Hardness of approximate nearest neighbor search},
author = {Rubinstein, Aviad},
booktitle = {Proceedings of the 50th annual ACM SIGACT symposium on theory of computing},
pages = {1260--1268},
year = {2018}
}
@inproceedings{savage2005,
title = {Internet outbreaks: epidemiology and defenses},
author = {Savage, Stefan},
booktitle = {Invited Talk in the 12th Annual Network and Distributed System Security (NDSS 05)},
year = {2005}
}
@article{schwarz1978estimating,
title = {Estimating the dimension of a model},
author = {Schwarz, Gideon},
journal = {The annals of statistics},
year = {1978}
}
@book{sco_2015,
author = {Scott, David W.},
title = {Multivariate {Density} {Estimation}},
publisher = {Wiley},
year = {2015}
}
@inproceedings{sebring1988expert,
title = {Expert systems in intrusion detection: A case study},
author = {Sebring, Michael M and Shellhouse, Eric and Hanna, Mary E and Whitehurst, R Alan},
booktitle = {Proceedings of the 11th National Computer Security Conference},
pages = {74--81},
year = {1988}
}
@inproceedings{shahriar2020g,
title = {G-ids: Generative adversarial networks assisted intrusion detection system},
author = {Shahriar, Md Hasan and Haque, Nur Imtiazul and Rahman, Mohammad Ashiqur and Alonso, Miguel},
booktitle = {2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC)},
pages = {376--385},
year = {2020}
}
@article{sharafaldin_toward_2018,
author = {Sharafaldin, Iman and Habibi Lashkari, Arash and Ghorbani, Ali A.},
title = {Toward {Generating} a {New} {Intrusion} {Detection} {Dataset} and {Intrusion} {Traffic} {Characterization}},
journal = {4th {International} {Conference} on {Information} {Systems} {Security} and {Privacy}},
year = {2018}
}
@article{shl_2014,
author = {Shlens, Jonathon},
title = {A {Tutorial} on {Principal} {Component} {Analysis}},
journal = {arXiv:1404.1100 [cs, stat]},
year = {2014}
}
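@article{smote,
author = {Chawla, Nitesh V. and Bowyer, Kevin W. and Hall, Lawrence O. and Kegelmeyer, W. Philip},
title = {{SMOTE}: Synthetic Minority over-Sampling Technique},
journal = {Journal of Artificial Intelligence Research},
year = {2002}
}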
@inproceedings{som_2010,
author = {Sommer, Robin and Paxson, Vern},
title = {Outside the {Closed} {World}: {On} {Using} {Machine} {Learning} for {Network} {Intrusion} {Detection}},
booktitle = {2010 {IEEE} {Symposium} on {Security} and {Privacy}},
pages = {305--316},
year = {2010}
}
@article{szegedy2013intriguing,
title = {Intriguing properties of neural networks},
author = {Szegedy, Christian and Zaremba, Wojciech and Sutskever, Ilya and Bruna, Joan and Erhan, Dumitru and Goodfellow, Ian and Fergus, Rob},
journal = {arXiv preprint arXiv:1312.6199},
year = {2013}
}
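@book{szor2005art,
title = {The Art of Computer Virus Research and Defense},
author = {Szor, Peter},
year = {2005},
publisher = {Pearson Education}
}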
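@book{tanenbaum2021computer,
title = {Computer Networks, Global Edition},
author = {Tanenbaum, A. S. and Feamster, N. and Wetherall, D. J.},
year = {2021},
publisher = {Pearson Education}
}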
@article{trammell2011introduction,
title = {An introduction to IP flow information export (IPFIX)},
author = {Trammell, Brian and Boschi, Elisa},
journal = {IEEE Communications Magazine},
year = {2011}
}
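@inproceedings{unswnb15,
author = {Moustafa, Nour and Slay, Jill},
title = {{UNSW-NB15}: a comprehensive data set for network intrusion detection systems ({UNSW-NB15} network data set)},
booktitle = {2015 Military Communications and Information Systems Conference ({MilCIS})},
year = {2015},
pages = {1--6}
}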
@inproceedings{usama2019generative,
title = {Generative adversarial networks for launching and thwarting adversarial attacks on network intrusion detection systems},
author = {Usama, Muhammad and Asim, Muhammad and Latif, Siddique and Qadir, Junaid and others},
booktitle = {2019 15th international wireless communications \& mobile computing conference (IWCMC)},
pages = {78--83},
year = {2019}
}
@phdthesis{vasilomanolakis_collaborative_2016,
title = {On Collaborative Intrusion Detection},
address = {Darmstadt},
school = {Technische Universit{\"a}t Darmstadt},
year = {2016},
author = {Emmanouil Vasilomanolakis}
}
@article{Vasilomanolakis2015SkipMon,
author = {Emmanouil Vasilomanolakis and Matthias Krugl and Carlos Garcia Cordero and M. M{\"u}hlh{\"a}user and Mathias Fischer},
title = {{SkipMon: A locality-aware Collaborative Intrusion Detection System}},
journal = {IEEE International Performance Computing and Communications Conference},
year = {2015}
}
@inproceedings{vigna1998netstat,
title = {NetSTAT: A network-based intrusion detection approach},
author = {Vigna, Giovanni and Kemmerer, Richard A},
booktitle = {Proceedings 14th Annual Computer Security Applications Conference (Cat. No. 98EX217)},
pages = {25--34},
year = {1998}
}
@article{vigna1999netstat,
title = {NetSTAT: A network-based intrusion detection system},
author = {Vigna, Giovanni and Kemmerer, Richard A},
journal = {Journal of computer security},
year = {1999}
}
@article{Vishnumurthy2006,
author = {Vishnumurthy, Vivek and Francis, Paul},
title = {{On Heterogeneous Overlay Construction and Random Node Selection in Unstructured P2P Networks}},
journal = {IEEE International Conference on Computer Communications},
year = {2006}
}
@inproceedings{wang2004anomalous,
title = {Anomalous payload-based network intrusion detection},
author = {Wang, Ke and Stolfo, Salvatore J},
booktitle = {International workshop on recent advances in intrusion detection},
pages = {203--222},
year = {2004}
}
@book{whitman_principles_2018,
author = {Whitman, Michael E. and Mattord, Herbert J.},
title = {Principles of information security},
publisher = {Cengage Learning},
year = {2018}
}
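@book{williamcryptography,
title = {Cryptography and Network Security - Principles and Practice},
author = {Stallings, William},
edition = {Seventh},
year = {2016},
publisher = {Pearson Education India}
}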
@article{Zhang2001,
author = {Zhang, Zheng and Li, Jun and Manikopoulos, CN and Jorgenson, Jay and Ucles, Jose},
title = {{{HIDE:} a Hierarchical Network Intrusion Detection System Using Statistical Preprocessing and Neural Network Classification}},
journal = {IEEE Workshop on Information Assurance and Security},
year = {2001}
}
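@inproceedings{zhang2006hybrid,
title = {A hybrid network intrusion detection technique using random forests},
author = {Zhang, Jiong and Zulkernine, Mohammad},
booktitle = {First International Conference on Availability, Reliability and Security ({ARES}'06)},
note = {8 pp.},
year = {2006}
}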
@article{zho_2009,
author = {Zhou, Chenfeng and Leckie, Christopher and Karunasekera, Shanika},
title = {Decentralized multi-dimensional alert correlation for collaborative intrusion detection},
journal = {Journal of Network and Computer Applications},
year = {2009}
}
@article{Zhou2010,
title = {A survey of coordinated attacks and collaborative intrusion detection},
author = {Zhou, Chenfeng Vincent and Leckie, Christopher and Karunasekera, Shanika},
journal = {Computers \& Security},
year = {2010}
}