Ke Wang's Candidate Exam Paper List (04/18/04)
Topic: Anomaly Detection in Network Security

AD in Network Security (currently 21):

  1. A Stateful Intrusion Detection System for World-Wide Web Servers G. Vigna, W. Robertson, V. Kher, and R.A. Kemmerer, Proceedings of ACSAC  2003.
  2. Bro: A System for Detecting Network Intruders in Real-Time, V. Paxson, Computer Networks, 31(23-24), pp. 2435-2463, 14 Dec. 1999
  3. Enhancing Byte-Level Network Intrusion Detection Signatures with Context, R. Sommer and V. Paxson, ACM CCS 2003
  4. Specification Based Anomaly Detection: A New Approach for Detecting Network Intrusions, R. Sekar, A. Gupta, J. Frullo, T. Shanbhag, A. Tiwari, H. Yang & S. Zhou, ACM CCS, 2002.
  5. Anomaly Detection of Web-based Attacks. C. Kruegel and G. Vigna. 10th ACM Conference on Computer and Communication Security (CCS '03)
  6. Service Specific Anomaly Detection for Network Intrusion Detection, C. Krugel, T. Toth & E. Kirda, ACM Symposium on Applied Computing, 2002
  7. A comparative study of anomaly detection schemes in network intrusion detection, A. Lazarevic, L. Ertoz, A. Ozgur, J. Srivastava & V. Kumar. Proc. SIAM Conf. Data Mining, 2003
  8. Detecting Anomalous Network Traffic with Self-Organizing Maps, M. Ramadas, S. Ostermann & B. Tjaden, RAID, 2003
  9. Learning Nonstationary Models of Normal Network Traffic for Detecting Novel Attacks, M. Mahoney and P. Chan, KDD '02
  10. Detecting Malicious Software by Monitoring Anomalous Windows Registry Accesses. S. Stolfo, F Apap, E. Eskin, K. Heller, S. Hershkop, A. Honig, and K. Svore. CU Tech Report Feb. 23, 2004.
  11. DCAP: Detecting Misbehaving Flows via Collaborative Aggregate Policing. C-N. Chuah, L. Subramanian and R. H. Katz,ACM SIGCOMM Computer Communication Review, 2003
  12. A Signal Analysis of Network Traffic Anomalies, Paul Barford, Jeffery Kline, David Plonka and Amos Ron, IMW '02
  13. Sketch-based Change Detection: Methods, Evaluation, and Applications, Balachander Krishnamurthy, Subhabrata Sen, Yin Zhang and Yan Chen, 1st ACM/USENIX Internet Measurement Conference (IMC '03)
  14. Stateful Intrusion Detection for High-Speed Networks. C. Kruegel, F. Valeur, G. Vigna, and R.A. Kemmerer, IEEE Symposium on Research on Security and Privacy (S&P '02)
  15. Information-Theoretic Measures for Anomaly Detection, W. Lee and D. Xiang, S&P '01.
  16. Why 6? Defining the Operational Limits of stide,an Anomaly-Based Intrusion Detector. K. Tan and R. Maxion, S&P '02
  17. Surveillance detection in high bandwidth environments, S. Robertson, E. Siegel, M. Miller & S. Stolfo, Proc. DISCEX, 2003
  18. Fast Portscan Detection Using Sequential Hypothesis Testing, Jaeyeon Jung, Vern Paxson, Arthur W. Berger, Hari Balakrishnan. S&P '04
  19. Internet Quarantine: Requirements for Containing Self-Propagating Code. D. Moore, C. Shannon, G. Voelker, S. Savage. INFOCOM 2003
  20. How to 0wn the Internet in Your Spare Time. S. Stanifold, V. Paxson, N. Weaver. USENIX Security 2002.  
  21. Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics M. Handley, C. Kreibich and V. Paxson, USENIX Security Symposium 2001.

Machine Learning and Data Mining Related (currently 7):

  1. Estimating the Support of a High-Dimensional Distribution, B. Schölkopf, J. Platt, J. Shawe-Taylor, A. Smola, R. Williamson. Report 99-87, Microsoft Research, 1999. 
  2. Efficient Bayesian Parameter Estimation in Large Discrete Domains. Nir Friedman and Yoram Singer, NIPS'98
  3. A Geometric Framework for Unsupervised Anomaly Detection: Detecting Intrusions in Unlabeled Data. E. Eskin, A. Arnold, M. Prerau, L. Portnoy and S. Stolfo.  Data Mining for Security Applications. Kluwer 2002
  4. Anomaly Detection over Noisy Data using Learned Probability Distributions, E. Eskin ICML'00
  5. LOF: Identifying Density-Based Local Outliers. M. Breunig, H. Kriegel, R. Ng, J. Sander, SIGMOD 2000
  6. Outlier detection for high dimensional data, C. Aggarwal, P. Yu, SIGMOD '01
  7. On-line Unsupervised Outlier Detection Using Finite Mixtures with Discounting Learning Algorithms, K. Yamanishi, J. Takeuchi & G. Williams. KDD '00