This is a mirror webpage. Original
webpage is located here.
Intrusion Detection Systems Bibliography
- Currently 75 IDS References -
ADS . AID . ALVA . APA . ASAX . AudES . Autonomous Agents . CMDS . ComputerWatch . CSM . DECinspect ID . DIDS . Discovery . DRISC . EMERALD . ESSENSE . GASSATA . GrIDS . Haystack . Hyperview . IDA(1) . IDA(2) . IDES . IDIOT . Inspect . ISM . ISOA . MIDAS . NADIR . NAURS . NICE . NIDES . NIDX . NSM . PDAT . RETISS . SIDS . Stake Out . Stalker . TIM . TRW-IDS . UNICORN . USTAT . W&S
Kantzavelou, I., Katsikas, S. K.: An attack detection
system for secure computer systems - Outline of the solution, in Yngström,
L.; Carlsen, J. (eds.): Information Security in Research and Business, Proc.
of the IFIP TC11 13th International Information Security Conference (SEC'97),
Copenhagen, Denmark, May 1997, Chapman & Hall, London, 123 - 135
Kantzavelou, I.; Patel, A.: An attack detection system
for secure computer systems - Design of ADS, Katsikas, S. K.; Gritzalis,
D. (eds.) Information Systems Security, Proc. of the IFIP TC11 12th International
Information Security Conference (SEC'96), May 1996, Samos, Greece, Chapman
& Hall, London, 1996, 1 - 16
Sobirey, M.; Richter, B.; König, H.: The Intrusion
Detection System AID. Architecture, and experiences in automated audit analysis,
in Horster, P. (ed.): Communications and Multimedia Security II, Proc. of
the IFIP TC6 / TC11 International Conference on Communications and Multimedia
Security, Essen, Germany, Sept. 1996, Chapman & Hall, London, 278 - 290
Moitra, A.: Real-time Audit Log Viewer and Analyzer,
Proc. of the 4th Workshop on Computer Security Incident Handling, (Forum
of Incident Response and Security Teams - FIRST), Denver, CO, Aug. 1992
Gupta, S.; Gligor, V. D.: Experience with a penetration
analysis method and tool, Proc. of the 15th National Computer Security Conference,
Baltimore, MD, Oct. 1992, 165 - 183
Habra, N.; Le Charlier, B.; Mounji, A.; Mathieu, I.:
ASAX: Software architecture and rule-based language for universal audit trail
analysis, Deswarte, Y.; Eizenberg, G. (eds.): Proc. of the 2nd European Symposium
on Research in Computer Security (ESORICS' 92), Toulouse, France, Nov. 1992,
435 - 450
Tsudik, G.; Summers, R.: AudES - an expert system for
security auditing, Proc. of the AAAI Conference on Innovative Applications
in AI, ??, ??, May 1990, ??-??, reprinted in: Computer Security Journal 6(19??)1,
89 - 93
Crosbie, M.; Spafford, E. H.: Applying genetic programming
to intrusion detection, Proc. of the 1995 AAAI Fall Symposium on Genetic
Programming, Nov. 1995, ??-??
Crosbie, M.; Spafford, E. H.: Defending a Computer System
using Autonomous Agents, Proc. of the 18th National Information Systems Security
Conference, Baltimore, MD, Oct. 1995, 549 - 558
Proctor, P.: Audit reduction and misuse detection in
heterogeneous environments: Framework and application, Proc. of the 10th
Annual Computer Security Applications Conference, Orlando, FL, Dec. 1994,
117 - 125
Dowell, C.; Ramstedt, P.: The ComputerWatch data reduction
tool, Proc. of the 13th National Computer Security Conference, Washington,
D.C., Oct. 1990, 99 - 108
White, G. B.; Pooch, U.: Cooperating Security Managers:
distributed intrusion detection systems, Computers & Security 15(1996)5,
441 - 450
White, G. B.; Fisch, E. A.; Pooch, U. W.: Cooperating Security
Managers: A Peer-based Intrusion Detection System, IEEE Network Magazine,
IEEE Press, Jan./Feb. 1996, 20 - 23
Holdon, D.: A rule-based intrusion detection system; IT
Security: The need of international cooperation, Proc. of the IFIP TC11 8th
International Conference, ??, ??, ?? 1992, 433 - 440
Snapp, S. R.; Smaha, S. E.; Grance, T.; Teal, D. M.:
The DIDS (Distributed Intrusion Detection System) Prototype, USENIX, Summer
1992 Technical Conference San Antonio, USA, June 1992, Berkeley, USENIX Association,
227 - 233
Snapp, S. R.; Brentano, J.; Dias, G. V.; Goan, T. L.;
Heberlein, L. T.; Ho, C.; Levitt, K. N.; Mukherjee, B.; Smaha, S. E.; Grance,
T.; Teal, D. M.; Mansur, D.: DIDS (Distributed Intrusion Detection System)
- Motivation, architecture and an early prototype, Proc. of the 14th National
Computer Security Conference, Washington, D. C., Oct. 1991, 167 - 176
Brentano, J.; Snapp, S. R.; Dias, G. V.; Goan, T. L.;
Heberlein, L. T.; Ho, C. L.; Levitt, K. N.; Mukherjee, B.; Smaha, S. E.:
An Architecture for a Distributed Intrusion Detection System, Proc. of the
14th DoE Computer Security Group Conference, May 1991, 25 - 45
Snapp, S. R.; Brentano, J.; Dias, G. V.; Goan, T. L.;
Grance, T.; Heberlein, L. T.; Ho, C.-L.; Levitt, K. N.; Mukherjee, B.; Mansur,
D. L.; Pon, K. L.; Smaha, S. E.: A System for Distributed Intrusion Detection,
Proc. of the COMPCON, Feb./March 1991, San Francisco, CA, 170 - 176
Tener, W. T.: Discovery: An expert system in the
commercial data security environment, Grissonnanche, A. (ed.): Proc. of the
4th IFIP TC11 International Conference on Security, IFIP Sec'86, Monte Carlo,
North Holland, Amsterdam, 1989, 261 - 268
Neumann, P. G.: A Comparative Anatomy of Computer System/Network
Anomaly Detection Systems, CSL, SRI BN-168, Menlo Park, CA, 1990 ?, (summary
of ComputerWatch, DRISC, GEMSOS, IDES, NADIR, W&S, Haystack)
Porras, Ph. A.; Neumann, P. G.: EMERALD: Event Monitoring
Enabling Responses to Anomalous Live Disturbances, Proc. of the National
Information Systems Security Conference, ??, ??, ?? 1997, ?? - ??
Valcarce, E. M.; Hoglund, G. W.; Jansen, L.; Baillie,
L.: ESSENSE: An experiment in knowledge-based security monitoring and control,
Proc. of the 3rd USENIX Unix Security Symposium, Baltimore, MD, Sept. 1992,
155 - 170
Me, L.: Genetic Algorithms, a Biologically Inspired
Approach for Security Audit Trails Analysis, short paper, presented at the
1996 IEEE Symposium on Security and Privacy, Oakland, CA, May 1996
Me, L.: Security audit trail analysis using genetic
algorithms, Proc. of the 12th International Conference on Computer Safety,
Reliability and Security, Poznan, Poland, Oct. 1993, 329 - 340
Staniford-Chen, S.; Cheung, S.; Crawford, R.; Dilger,
M.; Frank, J.; Hoagland, J.; Levitt, K.; Wee, C.; Yip, R.; Zerkle, D.: GrIDS
- A Graph Based Intrusion Detection System for Large Networks, Proc. of the
19th National Information Systems Security Conference, Baltimore, MD, Oct.
1996, 361 - 370
Smaha, S. E.: Haystack: An intrusion detection system,
Proc. of the IEEE 4th Aerospace Computer Security Applications Conference,
Orlando, FL, Dec. 1988, 37 - 44
(CS Telecom: Hyperview, Product description, Sept. 1994)
Debar, H.; Dorizzi, B.: An application of a recurrent
network to an intrusion detection system, Proc. of the International Joint
Conference on Neural Networks, Baltimore, MD, June 1992, 478 - 483
Debar, H.; Becker, M.; Siboni D.: A neural network component
for an intrusion detection system, Proc. of the IEEE Symposium on Research
in Security and Privacy, Oakland, CA, May 1992, 1 - 11
Petersen, K. L.: IDA - Intrusion Detection Alert, Proc.
of the IEEE Annual International Computer Software and Applications Conference,
Chicago, IL, Sept. 1992, 306 - 311
Sobirey, M.; Fischer-Hübner, S.; Rannenberg, K.:
Pseudonymous Audit for Privacy Enhanced Intrusion Detection, in: Yngström,
L.; Carlsen, J. (eds.): Information Security in Research and Business, Proc.
of the IFIP TC11 13th International Information Security Conference (SEC'97),
Copenhagen, Denmark, May 1997, Chapman & Hall, London, 151 - 163,
(with subsection on IDA)
Fischer-Hübner, S.; Brunnstein, K.: Combining verified
and adaptive system components towards more secure computer architectures,
Rosenberg, J.; Keedy, J. L. (eds.): Proc. of the International Workshop on
Computer Architectures to Support Security and Persistence of Information,
Bremen, May 1990, section 14, 1 - 7
Lunt, T.; Tamaru, A.; Gilham, F.; Jagannathan, R.; Jalali,
C.; Neumann, P. G.; Javitz, H. S.; Valdes, A.; Garvey, T. D.: A real time
Intrusion Detection Expert System (IDES) - Final Report, SRI International,
Menlo Park, CA, Feb. 1992
Javitz, H. S.; Valdes, A.: The SRI IDES statistical anomaly
detector, Proc. of the Symposium on Research in Security and Privacy, Oakland,
CA, May 1991, 316 - 326
Lunt, T. F.; Tamaru, A.; Gilham, F.; Jagannathan, R.;
Neumann, P. G.; Jalali, C.: IDES: A Progress Report, Proc. of the 6th Annual
Computer Security Applications Conference, Dec. 1990, 273 - 285
Lunt, T. F.: IDES: An Intelligent System for Detecting
Intruders, Proc. of the Symposium: Computer Security, Threat and Countermeasures,
Rome, Italy, Nov. 1990, ?? - ??
Lunt, T. F.; Jagannathan, R.: A Prototype Real-Time Intrusion
Detection Expert System, Proc. of the Symposium on Security and Privacy,
New York, NY, Apr. 1988, 59 - 66
Lunt, T. F.: Knowledge based Intrusion Detection, Proc.
of the Annual AI Systems in Government Conference, Washington, D. C., March
1989, 102 - 107
Denning, D. E.; Neumann, P. G.: Requirements and Model
for IDES - A Real-Time Intrusion Detection Expert System, Technical Report,
Computer Science Laboratory, SRI International, Menlo Park, CA, 1985
Crosbie, M.; Dole, B.; Ellis, T.; Krsul, I.; Spafford,
E.: IDIOT - Users Guide, Technical Report TR-96-050, Purdue University, COAST
Laboratory, Sept. 1996
Vigna, G.: Inspect: a Lightweight Distributed Approach
to Automated Audit Trail Analysis, CEFRIEL, Milano, Italy, unpublished
Heberlein, L. T.; Mukherjee, B.; Levitt, K. N.: Internet
Security Monitor: An Intrusion Detection System for Large-Scale Networks,
Proc. of the 15th National Computer Security Conference, Baltimore, MD, Oct.
1992, 262 - 271
Winkler, J. R.; Landry, L. C.: Intrusion and anomaly
detection, ISOA update, Proc. of the 15th National Computer Security Conference,
Baltimore, Oct. 1992, 272 - 281
Winkler, J. R.: A UNIX Prototype for Intrusion and Anomaly
Detection in Secure Networks, Proc. of the 13th National Computer Security
Conference, Washington, D. C., Oct. 1990, 115 - 124
Winkler, J. R.; Page, W. J.: Intrusion and Anomaly Detection
in Trusted Systems, Proc. of the 5th Annual Computer Security Applications
Conference, Tucson, AZ, ??, 39 - 45
Sebring, M. M.; Sellhouse, E.; Hanna, M. E.; Whitehurst,
R. A.: Expert system in intrusion detection: A case study, Proc. of the 11th
National Computer Security Conference, Baltimore, MD, Oct. 1988, 74 - 81
Hochberg, J.; Jackson, K.; Stallings, C.; McClary, J.;
DuBois, D.; Ford, J.: NADIR: An automated system for detecting network intrusions
and misuse, Computers and Security 12(1993)3, May, 253 - 248
Jackson, K. A.: NADIR: A Prototype System for Detecting
Network and File System Abuse, Proc. of the 7th European Conference on Information
Systems, ??, ??, Nov. 1992, ?? - ??
Jackson, K.; DuBois, D. H.; Stallings, C. A.: An expert
system application for network intrusion detection, Proc. of the 14th National
Computer Security Conference, Washington, D. C., Oct. 1991, 215 - 225
Neumann, P. G.; Ostapik, F.: Audit Trail Analysis and
Usage Data Collection and Processing, Part 2, Computer Science Laboratory,
SRI International, May 1987
Neumann, P. G.: Audit trail analysis and usage data collection
and processing, Part 1. Computer Science Laboratory, SRI International, Jan.
1985
Both references are cited in:
Lunt, T. F.: Automated audit trail analysis and intrusion detection:
A survey, Proc. of the 11th National Computer Security Conference, Baltimore,
MD, Oct. 1988, 65 - 73, (p. 70)
Heady, R.; Luger, G.; Maccabe, A.; Servilla, M.; Sturtevant,
J.: A prototype implementation of a network-level intrusion detection system,
Technical Report CS91-11, Department of Computer Science, University of
New Mexico, May 1991
Heady, R.; Luger, G.; Maccabe, A.; Servilla, M.: The architecture
of a network level intrusion detection system, Technical Report CS90-20,
Department of Computer Science, University of New Mexico, Aug. 1990
Anderson, D.; Lunt, T. F.; Javitz, H.; Tamaru, A.; Valdes,
A.: Detecting Unusual Program Behavior Using the Statistical Component
of the Next-generation Intrusion Detection Expert System (NIDES), SRI-CSL-95-06,
SRI International, Menlo Park, CA, May 1995
Anderson, D.; Frivold, Th.; Valdes, A.: Next-generation
Intrusion Detection Expert System (NIDES): A Summary, SRI-CSL-95-07, SRI
International, Menlo Park, CA, May 1995
Bauer, D. S.; Koblentz, M. E.: NIDX - An expert system
for real-time network intrusion detection, Proc. of the IEEE Computer Networking
Symposium, New York, NY, April 1988, 98 - 106
Heberlein, L. T.; Levitt, K. N.; Mukherjee, B.: A method
to detect intrusive activity in a networked environment, Proc. of the 14th
National Computer Security Conference, Washington D. C., Oct. 1991, 362 -
371
Heberlein, L. T.; Dias, G. V.; Levitt, K. N.; Mukherjee,
B.; Wood, J.: Network Attacks and an Ethernet-based Network Security Monitor,
Proc. of the 13th DOE Security Group Conference, Augusta, GA, May 1990
Heberlein, L. T.; Dias, G. V.; Levitt, K. N.; Mukherjee,
B.; Wood, J.; Wolber, D.: A Network Security Monitor, Proc. of the IEEE Symposium
on Research in Security and Privacy, Oakland, CA, May 1990, 296 - 304
Weiss, W. R. E.; Baur, A.: Analysis of audit and protocol
data using methods from artificial intelligence, Proc. of the 13th National
Computer Security Conference, Washington, D.C., Oct. 1990, 109 - 114
Carettoni, F.; Castano, S.; Martella, G.; Samarati,
P.: RETISS: A Real Time Security System for Threat Detection using Fuzzy
Logic, Proc. of the 25th Annual IEEE International Carnahan Conference on
Security Technology, ??, ??, Oct. 1991, 161 - 167
Javitz, H. S.; Denning, D. E.; Neumann, P. G.: Analytical
techniques development for a Statistical Intrusion Detection System (SIDS)
based on accounting records, SRI International, Menlo Park, CA, July 1986,
not available for distribution
Harris Corporation: Stake Out. Network surveillance,
White Paper, 1996
Smaha, S. E.; Winslow, J.: Misuse detection tools,
Computer Security Journal 10(1994)1, Spring, 39 - 49
Teng, H. S.; Chen, K.; Lu, S. C.: Security audit trail
analysis using inductively generated predictive rules, Proc. of the 6th Conference
on Artificial Intelligence Applications, Santa Barbara, CA, May 1990, 24-29
Teng, H. S.; Chen, K.; Lu, S. C.: Adaptive real-time anomaly
detection using inductively generated sequential patterns, Proc. of the
IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1990,
278 - 284
TRW Defense Systems Group: Intrusion Detection Expert System
Feasibility Study, Final Report 46761, 1986
Christoph, G. G.; Jackson, K. A.; Neumann, M. C.;
Siciliano, Ch. L. B.; Simmonds, D. D.; Stallings, C. A.; Thompson, J. L.:
UNICORN: Misuse Detection for UNICOS, Proc. of the Supercomputing '95, San
Diego, CA, (published on CD-ROM)
Jackson, K.; Neumann, M.; Simmonds, D.; Stallings,
C.; Thompson, J.; Christoph, G.: An Automated Computer Misuse Detection System
for UNICOS, Proc. of the Cray Users Group Conference, ??, ??, Oct. 1994,
?? - ??
Ilgun, K.; Kemmerer, R. A.; Porras, Ph. A.: State transition
analysis: A rule-based intrusion detection approach, IEEE Transactions on
Software Engineering ??(1995)3, 181 - 199
Ilgun, K.: USTAT: A Real-time Intrusion Detection System
for UNIX, Proc. of the IEEE Computer Society Symposium on Research in Security
and Privacy, May 1993, Oakland, CA, 16 - 28
Liepins, G. E.; Vaccaro, H. S.: Intrusion Detection: Its
role and validation, Computers & Security 11/1992, 347 - 355
Liepins, G. E.; Vaccaro, H. S.: Anomaly detection purpose
and framework, Proc. of the 12th National Computer Security Conference, Baltimore,
MD, Oct. 1989, 495 - 504
Vaccaro, H. S.; Liepins, G. E.: Detection of anomalous computer
session activity, Proc. of the Symposium on Research in Security and Privacy,
Oakland, CA, May 1989, 280 - 289, (LA-UR-94-3378)
Additions are appreciated.
sobirey@Informatik.TU-Cottbus.DE
last update: 14-11-1997