Intrusion Detection Bibliography

Anderson:80: James P. Anderson. Computer security threat monitoring and surveillance. Technical report, James P. Anderson Co., Fort Washington, PA, April 1980.
Bellovin:92: Steven M. Bellovin. There be dragons. In Proceedings of the Third Usenix UNIX Security Symposium, April 1992.
Bishop:95: Matt Bishop. A standard audit log format. In Proceedings of the 18th National Information Systems Security Conference, pages 136-145, October 1995.
BishopDilger:96: Matt Bishop and Michael Dilger. Checking for race conditions in file accesses. Computing Systems, 9(2):131-152, Spring 1996.
Crosbie:95: Mark Crosbie. Applying genetic programming to intrusion detection. In Proceedings of 1995 AAAI Fall Symposium on Genetic Programming, November 1995.
CrosbieSpafford:95: Mark Crosbie and Eugene H. Spafford. Defending a computer system using autonomous agents. In Proceedings of the 18th National Information Systems Security Conference, October 1995.
Denning:87: Dorothy E. Denning. An intrusion-detection model. IEEE Transactions on Software Engineering, 13(2):222-232, February 1987.
DoD5200.28-STD: Department of Defense. Trusted Computer System Evaluation Criteria, December 1985. DoD 5200.28-STD.
DowellRamstedt:90: Cheri Dowell and Paul Ramstedt. The ComputerWatch data reduction tool. In Proceedings of the 13th National Computer Security Conference, pages 99-108, October 1990.
forrest-hofmeyr:97: Stephanie Forrest, Steven A. Hofmeyr and Anil Somayaji. Computer Immunology. Communications of the ACM, 40(10):88-96, October 1997.
Goldberg:89: David Goldberg. Genetic Algorithms in Search, Optimization and Machine Learning. Addision-Wesley, 1989.
HabraCharlierEtAl:92: Naji Habra, Baudouin Le Charlier, Abdelaziz Mounji, and Isabelle Mathieu. ASAX: Software architecture and rule-based language for universal audit trail analysis. In Proceedings of European Symposium on Research in Computer Security, pages 435-450, November 1992.
HabraCharlierEtAl:94: Naji Habra, Baudouin Le Charlier, Abdelaziz Mounji, and Isabelle Mathieu. Preliminary report on Advanced Security Audit trail analysis on uniX. Technical report, Institut D'Informatique, FUNDP, September 1994.
HalmeBauer:95: Lawrence R. Halme and R. Kenneth Bauer. AINT misbehaving - a taxonomy of anti-intrusion techniques. In Proceedings of the 18th National Information Systems Security Conference, pages 163-172, October 1995.
HalmeHorne:86: Lawrence R. Halme and John Van Horne. Automated analysis of computer system audit trails for security purposes. In Proceedings of the 9th National Computer Security Conference, pages 71-74, September 1986.
HalmeKahn:88: Lawrence R. Halme and Brial L. Kahn. Building a security monitor with adaptive user work profiles. In Proceedings of the 11th National Computer Security Conference, pages 274-283, October 1988.
HansenAtkins:93: Stephen E. Hansen and Todd Atkins. Automated system monitoring and notification with Swatch. In Proceedings of the USENIX Systems Administration (LISA VII) Conference, pages 145-155, November 1993.
HeadyLugerEtAl:90: Richard Heady, George Luger, Arthur Maccabe, and Mark Servilla. The architecture of a network level intrusion detection system. Technical Report CS90-20, Department of Computer Science, University of New Mexico, August 1990.
HeadyLugarEtAl:91: Richard Heady, George Luger, Arthur Maccabe, Mark Servilla, and John Sturtevant. The prototype implementation of a network level intrusion detection system. Technical Report CS91-11, Department of Computer Science, University of New Mexico, April 1991.
HeberleinDiasEtAl:90: L. Todd Heberlein, Gihan V. Dias, Karl N. Levitt, Biswanath Mukherjee, Jeff Wood, and David Wolber. A network security monitor. In Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, pages 296-304, May 1990.
HoaglandWee:95: James Hoagland, Christopher Wee, and Karl Levitt. Audit log analysis using the visual audit browser toolkit. Technical Report CSE-95-11, Department of Computer Science, University of California, Davis, September 1995.
HochbergJacksonEtAl:93: Judith Hochberg, Kathleen Jackson, Cathy Stallings, J. F. McClary, David DuBois, and Josephine Ford. NADIR: An automated system for detecting network intrusion and misuse. Computers & Security, 12(3):235-248, May 1993.
hofmeyr-phdthesis:99: Steven Andrew Hofmeyr. An Immunological Model of Distributed Detection and its Application to Computer Security. Ph.D. Thesis, University of New Mexico, May 1999.
Ilgun:93: Koral Ilgun. USTAT: A real-time intrusion detection system for UNIX. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 16-28, May 1993.
JavitzValdes:91: Harold S. Javitz and Alfonso Valdes. The SRI IDES statistical anomaly detector. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 316-326, 1991.
Kova:92: John Koza. Genetic Programming: On the Programming of Computers by means of Natural Selection. MIT Press, 1992.
Kuhn:86: Jeffrey D. Kuhn. Research toward intrusion detection through automated abstraction of audit data. In Proceedings of the 9th National Computer Security Conference, pages 204-208, September 1986.
KumarSpafford:94: Sandeep Kumar and Eugene H. Spafford. A pattern matching model for misuse intrusion detection. In Proceedings of the 17th National Computer Security Conference, pages 11-21, October 1994.
lane-brodley:98: Terran Lane and Carla E. Brodley. Temporal Sequence Learning and Data Reduction for Anomaly Detection. In Proceedings of the Fifth ACM Conference on Computer and Communications Security, pages 150-158, 1998.
LiepinsVaccaro:89: G. E. Liepins and H. S. Vaccaro. Anomaly detection: Purpose and framework. In Proceedings of the 12th National Computer Security Conference, pages 495-504, October 1989.
Lunt:90: Teresa F. Lunt. IDES: An intelligent system for detecting intruders. In Proceedings of the Symposium: Computer Security, Treat and Countermeasures, Rome, Italy, November 1990.
LuntJagannathan:88: Teresa F. Lunt and R. Jagannathan. A prototype real-time intrusion-detection expert system. In Proceedings of the IEEE Symposium on Security and Privacy, pages 59-66, April 1988.
Lunt:88: Teresea F. Lunt. Automated audit trail analysis and intrusion detection: A survey. In Proceedings of the 11th National Computer Security Conference, pages 65-73, October 1988.
Maes:93: Pattie Maes. Modeling adaptive autonomous agents. Artificial Life, 1(1/2), 1993.
Marshall:91: Victor H. Marshall. Intrusion detection in computers. Booz, Allen & Hamilton Inc., January 1991. Summary of the Trusted Information Systems (TIS) Report on Intrusion Detection Systems.
MounjiCharlier:97: Abdelaziz Mounji and Baudouin Le Charlier. Continuous assessment of a unix configuration: Integrating intrusion detection and configuration analysis. In Proceedings of the the ISOC 1997 Symposium On Network and Distributed System Security, February 1997.
MounjiCharlierEtAl:94: Abdelaziz Mounji, Baudouin Le Charlier, Denis Zampunieris, and Naji Habra. Distributed audit trail analysis. In ISOC '95 Symposium on Network and Distributed System Security, 1995.
MukherjeeHeberleinEtAl:94: Biswanath Mukherjee, L. Todd Heberlein, and Karl N. Levitt. Network intrusion detection. IEEE Network, 8(3):26-41, May/June 1994.
NeumannParker:89: Peter G. Neumann and Donn B. Parker. A summary of computer misuse techniques. In Proceedings of the 12th National Computer Security Conference, pages 396-407, October 1989.
Parker:94: Donn B. Parker. Demonstrating the elements of information security with threats. In Proceedings of the 17th National Computer Security Conference, pages 421-430, 1994.
Proctor:94: Paul Proctor. Audit reduction and misuse detection in heterogeneous environments: Framework and applications. In Proceedings of the 10th Annual Computer Security Applications Conference, pages 117-125, December 1994.
PunchZongker:96: Bill Punch and Douglas Zongker. lil-gp 1.02 users manual. Technical report, Computer Sciences Department, Michigan State University, A-714 Wells Hall, East Lansing, MI 48824, 1996.
SebringShellhouseEtAl:88: Michael M. Sebring, Eric Shellhouse, Mary E. Hanna, and R. Alan Whitehurst. Expert systems in intrusion detection: A case study. In Proceedings of the 11th National Computer Security Conference, pages 74-81, October 1988.
Sibert:88: W. Olin Sibert. Auditing in a distributed system: SunOS MLS audit trails. In Proceedings of the 11th National Computer Security Conference, pages 82-90, October 1988.
Smaha:88: Stephen E. Smaha. Haystack: An intrusion detection system. In Proceedings of the Fourth Aerospace Computer Security Applications Conference, pages 37-44, December 1988.
SnappBrentanoEtAl:91: Steven R. Snapp, James Brentano, Gihan V. Dias, Terrance L. Goan, Tim Grance, L. Todd Heberlein, Che-Lin Ho, Karl N. Levitt, Biswanath Mukherjee, Douglass L. Mansur, Kenneth L. Pon, and Stephen E. Smaha. A system for distributed intrusion detection. In COMPCOM Spring '91 Digest of Papers, pages 170-176, February/March 1991.
SobireyRichterEtAl:96: M. Sobirey, B. Richter, and H. Konig. The intrusion detection system AID. architecture, and experiences in automated audit analysis. In Proceedings of the IFIP TC6/TC11 International Conference on Communications and Multimedia Security, pages 278-290, September 1996.
Stoll:89: Cliff Stoll. The Cuckoo's Egg. Pocket Books, 1989.
Sundaram:96: Aurobindo Sundaram. An introduction to intrusion detection. Crossroads: The ACM Student Magazine, 2(4), April 1996.
tan:neural-nets: Kymie M. C. Tan. The Application of Neural Networks to UNIX Computer Security. Department of Computer Science, University of Melbourne, Parkville 3052, Australia.
VaccaroLiepins:89: H. S. Vaccaro and G. E. Liepins. Detection of anomalous computer session activity. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 280-289, 1989.
WhiteFischEtAl:96a: Gregory B. White, Eric A. Fisch, and Udo W. Pooch. Computer System and Network Security. CRC Press Inc., 1996.
WhiteFischEtAl:96b: Gregory B. White, Eric A. Fisch, and Udo W. Pooch. Cooperating security managers: A peer-based intrusion detection system. IEEE Network, 10(1):20-23, January/February 1996.
Zamboni:96: Diego M. Zamboni. SAINT: A security analysis integration tool. In Systems Administration, Networking and Security Conference, May 1996.

Intrusion Detection Systems

Start

Credits

Diego Zamboni

Last modified: Mon Sep 20 13:16:47 EST 1999