Intrusion Detection Bibliography


Anderson:80
James P. Anderson. Computer security threat monitoring and surveillance. Technical report, James P. Anderson Co., Fort Washington, PA, April 1980.

Bellovin:92
Steven M. Bellovin. There be dragons. In Proceedings of the Third Usenix UNIX Security Symposium, April 1992.

Bishop:95
Matt Bishop. A standard audit log format. In Proceedings of the 18th National Information Systems Security Conference, pages 136-145, October 1995.

BishopDilger:96
Matt Bishop and Michael Dilger. Checking for race conditions in file accesses. Computing Systems, 9(2):131-152, Spring 1996.

Crosbie:95
Mark Crosbie. Applying genetic programming to intrusion detection. In Proceedings of 1995 AAAI Fall Symposium on Genetic Programming, November 1995.

CrosbieSpafford:95
Mark Crosbie and Eugene H. Spafford. Defending a computer system using autonomous agents. In Proceedings of the 18th National Information Systems Security Conference, October 1995.

Denning:87
Dorothy E. Denning. An intrusion-detection model. IEEE Transactions on Software Engineering, 13(2):222-232, February 1987.

DoD5200.28-STD
Department of Defense. Trusted Computer System Evaluation Criteria, December 1985. DoD 5200.28-STD.

DowellRamstedt:90
Cheri Dowell and Paul Ramstedt. The ComputerWatch data reduction tool. In Proceedings of the 13th National Computer Security Conference, pages 99-108, October 1990.

forrest-hofmeyr:97
Stephanie Forrest, Steven A. Hofmeyr and Anil Somayaji. Computer Immunology. Communications of the ACM, 40(10):88-96, October 1997.

Goldberg:89
David Goldberg. Genetic Algorithms in Search, Optimization and Machine Learning. Addision-Wesley, 1989.

HabraCharlierEtAl:92
Naji Habra, Baudouin Le Charlier, Abdelaziz Mounji, and Isabelle Mathieu. ASAX: Software architecture and rule-based language for universal audit trail analysis. In Proceedings of European Symposium on Research in Computer Security, pages 435-450, November 1992.

HabraCharlierEtAl:94
Naji Habra, Baudouin Le Charlier, Abdelaziz Mounji, and Isabelle Mathieu. Preliminary report on Advanced Security Audit trail analysis on uniX. Technical report, Institut D'Informatique, FUNDP, September 1994.

HalmeBauer:95
Lawrence R. Halme and R. Kenneth Bauer. AINT misbehaving - a taxonomy of anti-intrusion techniques. In Proceedings of the 18th National Information Systems Security Conference, pages 163-172, October 1995.

HalmeHorne:86
Lawrence R. Halme and John Van Horne. Automated analysis of computer system audit trails for security purposes. In Proceedings of the 9th National Computer Security Conference, pages 71-74, September 1986.

HalmeKahn:88
Lawrence R. Halme and Brial L. Kahn. Building a security monitor with adaptive user work profiles. In Proceedings of the 11th National Computer Security Conference, pages 274-283, October 1988.

HansenAtkins:93
Stephen E. Hansen and Todd Atkins. Automated system monitoring and notification with Swatch. In Proceedings of the USENIX Systems Administration (LISA VII) Conference, pages 145-155, November 1993.

HeadyLugerEtAl:90
Richard Heady, George Luger, Arthur Maccabe, and Mark Servilla. The architecture of a network level intrusion detection system. Technical Report CS90-20, Department of Computer Science, University of New Mexico, August 1990.

HeadyLugarEtAl:91
Richard Heady, George Luger, Arthur Maccabe, Mark Servilla, and John Sturtevant. The prototype implementation of a network level intrusion detection system. Technical Report CS91-11, Department of Computer Science, University of New Mexico, April 1991.

HeberleinDiasEtAl:90
L. Todd Heberlein, Gihan V. Dias, Karl N. Levitt, Biswanath Mukherjee, Jeff Wood, and David Wolber. A network security monitor. In Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, pages 296-304, May 1990.

HoaglandWee:95
James Hoagland, Christopher Wee, and Karl Levitt. Audit log analysis using the visual audit browser toolkit. Technical Report CSE-95-11, Department of Computer Science, University of California, Davis, September 1995.

HochbergJacksonEtAl:93
Judith Hochberg, Kathleen Jackson, Cathy Stallings, J. F. McClary, David DuBois, and Josephine Ford. NADIR: An automated system for detecting network intrusion and misuse. Computers & Security, 12(3):235-248, May 1993.

hofmeyr-phdthesis:99
Steven Andrew Hofmeyr. An Immunological Model of Distributed Detection and its Application to Computer Security. Ph.D. Thesis, University of New Mexico, May 1999.

Ilgun:93
Koral Ilgun. USTAT: A real-time intrusion detection system for UNIX. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 16-28, May 1993.

JavitzValdes:91
Harold S. Javitz and Alfonso Valdes. The SRI IDES statistical anomaly detector. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 316-326, 1991.

Kova:92
John Koza. Genetic Programming: On the Programming of Computers by means of Natural Selection. MIT Press, 1992.

Kuhn:86
Jeffrey D. Kuhn. Research toward intrusion detection through automated abstraction of audit data. In Proceedings of the 9th National Computer Security Conference, pages 204-208, September 1986.

KumarSpafford:94
Sandeep Kumar and Eugene H. Spafford. A pattern matching model for misuse intrusion detection. In Proceedings of the 17th National Computer Security Conference, pages 11-21, October 1994.

lane-brodley:98
Terran Lane and Carla E. Brodley. Temporal Sequence Learning and Data Reduction for Anomaly Detection. In Proceedings of the Fifth ACM Conference on Computer and Communications Security, pages 150-158, 1998.

LiepinsVaccaro:89
G. E. Liepins and H. S. Vaccaro. Anomaly detection: Purpose and framework. In Proceedings of the 12th National Computer Security Conference, pages 495-504, October 1989.

Lunt:90
Teresa F. Lunt. IDES: An intelligent system for detecting intruders. In Proceedings of the Symposium: Computer Security, Treat and Countermeasures, Rome, Italy, November 1990.

LuntJagannathan:88
Teresa F. Lunt and R. Jagannathan. A prototype real-time intrusion-detection expert system. In Proceedings of the IEEE Symposium on Security and Privacy, pages 59-66, April 1988.

Lunt:88
Teresea F. Lunt. Automated audit trail analysis and intrusion detection: A survey. In Proceedings of the 11th National Computer Security Conference, pages 65-73, October 1988.

Maes:93
Pattie Maes. Modeling adaptive autonomous agents. Artificial Life, 1(1/2), 1993.

Marshall:91
Victor H. Marshall. Intrusion detection in computers. Booz, Allen & Hamilton Inc., January 1991. Summary of the Trusted Information Systems (TIS) Report on Intrusion Detection Systems.

MounjiCharlier:97
Abdelaziz Mounji and Baudouin Le Charlier. Continuous assessment of a unix configuration: Integrating intrusion detection and configuration analysis. In Proceedings of the the ISOC 1997 Symposium On Network and Distributed System Security, February 1997.

MounjiCharlierEtAl:94
Abdelaziz Mounji, Baudouin Le Charlier, Denis Zampunieris, and Naji Habra. Distributed audit trail analysis. In ISOC '95 Symposium on Network and Distributed System Security, 1995.

MukherjeeHeberleinEtAl:94
Biswanath Mukherjee, L. Todd Heberlein, and Karl N. Levitt. Network intrusion detection. IEEE Network, 8(3):26-41, May/June 1994.

NeumannParker:89
Peter G. Neumann and Donn B. Parker. A summary of computer misuse techniques. In Proceedings of the 12th National Computer Security Conference, pages 396-407, October 1989.

Parker:94
Donn B. Parker. Demonstrating the elements of information security with threats. In Proceedings of the 17th National Computer Security Conference, pages 421-430, 1994.

Proctor:94
Paul Proctor. Audit reduction and misuse detection in heterogeneous environments: Framework and applications. In Proceedings of the 10th Annual Computer Security Applications Conference, pages 117-125, December 1994.

PunchZongker:96
Bill Punch and Douglas Zongker. lil-gp 1.02 users manual. Technical report, Computer Sciences Department, Michigan State University, A-714 Wells Hall, East Lansing, MI 48824, 1996.

SebringShellhouseEtAl:88
Michael M. Sebring, Eric Shellhouse, Mary E. Hanna, and R. Alan Whitehurst. Expert systems in intrusion detection: A case study. In Proceedings of the 11th National Computer Security Conference, pages 74-81, October 1988.

Sibert:88
W. Olin Sibert. Auditing in a distributed system: SunOS MLS audit trails. In Proceedings of the 11th National Computer Security Conference, pages 82-90, October 1988.

Smaha:88
Stephen E. Smaha. Haystack: An intrusion detection system. In Proceedings of the Fourth Aerospace Computer Security Applications Conference, pages 37-44, December 1988.

SnappBrentanoEtAl:91
Steven R. Snapp, James Brentano, Gihan V. Dias, Terrance L. Goan, Tim Grance, L. Todd Heberlein, Che-Lin Ho, Karl N. Levitt, Biswanath Mukherjee, Douglass L. Mansur, Kenneth L. Pon, and Stephen E. Smaha. A system for distributed intrusion detection. In COMPCOM Spring '91 Digest of Papers, pages 170-176, February/March 1991.

SobireyRichterEtAl:96
M. Sobirey, B. Richter, and H. Konig. The intrusion detection system AID. architecture, and experiences in automated audit analysis. In Proceedings of the IFIP TC6/TC11 International Conference on Communications and Multimedia Security, pages 278-290, September 1996.

Stoll:89
Cliff Stoll. The Cuckoo's Egg. Pocket Books, 1989.

Sundaram:96
Aurobindo Sundaram. An introduction to intrusion detection. Crossroads: The ACM Student Magazine, 2(4), April 1996.

tan:neural-nets
Kymie M. C. Tan. The Application of Neural Networks to UNIX Computer Security. Department of Computer Science, University of Melbourne, Parkville 3052, Australia.

VaccaroLiepins:89
H. S. Vaccaro and G. E. Liepins. Detection of anomalous computer session activity. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 280-289, 1989.

WhiteFischEtAl:96a
Gregory B. White, Eric A. Fisch, and Udo W. Pooch. Computer System and Network Security. CRC Press Inc., 1996.

WhiteFischEtAl:96b
Gregory B. White, Eric A. Fisch, and Udo W. Pooch. Cooperating security managers: A peer-based intrusion detection system. IEEE Network, 10(1):20-23, January/February 1996.

Zamboni:96
Diego M. Zamboni. SAINT: A security analysis integration tool. In Systems Administration, Networking and Security Conference, May 1996.

Intrusion Detection Systems Start Credits

Diego Zamboni
Last modified: Mon Sep 20 13:16:47 EST 1999