메뉴 건너뛰기




Volumn 17, Issue 1, 2009, Pages 54-65

A large-scale hidden semi-Markov model for anomaly detection on user browsing behaviors

Author keywords

Anomaly detection; Browsing behaviors; DDoS; Hidden semi Markov Model; M algorithm

Indexed keywords

ALGORITHMS; MARKOV PROCESSES; MOTION ESTIMATION; TRANSMISSION CONTROL PROTOCOL;

EID: 61449197774     PISSN: 10636692     EISSN: None     Source Type: Journal    
DOI: 10.1109/TNET.2008.923716     Document Type: Article
Times cited : (203)

References (26)
  • 1
    • 1242321281 scopus 로고    scopus 로고
    • C. Douligeris and A. Mitrokotsa, DDoS attacks and defense mechanisms: Classification and state-of-the-art, Computer Networks: The Int. J. Computer and Telecommunications Networking, 44, no. 5, pp. 643-666, Apr. 2004.
    • C. Douligeris and A. Mitrokotsa, "DDoS attacks and defense mechanisms: Classification and state-of-the-art," Computer Networks: The Int. J. Computer and Telecommunications Networking, vol. 44, no. 5, pp. 643-666, Apr. 2004.
  • 4
    • 0038729330 scopus 로고    scopus 로고
    • Protection from distributed denial of service attacks using history-based IP filtering
    • May
    • T. Peng, K. R. mohanarao, and C. Leckie, "Protection from distributed denial of service attacks using history-based IP filtering," in Proc. IEEE Int. Conf. Communications, May 2003, vol. 1, pp. 482-486.
    • (2003) Proc. IEEE Int. Conf. Communications , vol.1 , pp. 482-486
    • Peng, T.1    mohanarao, K.R.2    Leckie, C.3
  • 5
    • 51149105210 scopus 로고    scopus 로고
    • Proactive detection of distributed denial of service attacks using MIB traffic variables a feasibility study
    • May
    • J. B. D. Cabrera et al., "Proactive detection of distributed denial of service attacks using MIB traffic variables a feasibility study," in Proc. IEEE/IFIP Int. Symp. Integrated Network Management May 2001, pp. 609-622.
    • (2001) Proc. IEEE/IFIP Int. Symp. Integrated Network Management , pp. 609-622
    • Cabrera, J.B.D.1
  • 7
    • 35048886560 scopus 로고    scopus 로고
    • Detecting distributed denial of service (DDoS) attacks through inductive learning
    • S. Noh, C. Lee, K. Choi, and G. Jung, "Detecting distributed denial of service (DDoS) attacks through inductive learning," Lecture Notes in Computer Science, vol. 2690, pp. 286-295, 2003.
    • (2003) Lecture Notes in Computer Science , vol.2690 , pp. 286-295
    • Noh, S.1    Lee, C.2    Choi, K.3    Jung, G.4
  • 9
    • 33845591142 scopus 로고    scopus 로고
    • DDoS-resilient scheduling to counter application layer attacks under imperfect detection
    • Apr. 2006 [Online, Available
    • S. Ranjan, R. Swaminathan, M. Uysal, and E. Knightly, "DDoS-resilient scheduling to counter application layer attacks under imperfect detection," in Proc. IEEE INFOCOM, Apr. 2006 [Online]. Available: http://www-ece.rice.edu/~networks/papers/dos-sched.pdf
    • Proc. IEEE INFOCOM
    • Ranjan, S.1    Swaminathan, R.2    Uysal, M.3    Knightly, E.4
  • 10
    • 36048986923 scopus 로고    scopus 로고
    • Botz-4-Sale: Surviving organized DDoS attacks that mimic flash crowds Mass. Inst. Technol
    • Tech. Report TR-969, Online. Available
    • S. Kandula, D. Katabi, M. Jacob, and A. W. Berger, Botz-4-Sale: Surviving organized DDoS attacks that mimic flash crowds Mass. Inst. Technol., Tech. Report TR-969, 2004 Online. Available: http:// www.usenix.org/events/nsdi05/tech/kandula/kandula.pdf,
    • (2004)
    • Kandula, S.1    Katabi, D.2    Jacob, M.3    Berger, A.W.4
  • 11
    • 0036804084 scopus 로고    scopus 로고
    • Defending against flooding-based distributed denial-of-service attacks: A tutorial
    • Oct
    • R. K. C. Chang, "Defending against flooding-based distributed denial-of-service attacks: A tutorial," IEEE Commun. Mag., pp. 43-51, Oct. 2002.
    • (2002) IEEE Commun. Mag , pp. 43-51
    • Chang, R.K.C.1
  • 12
    • 78149402552 scopus 로고    scopus 로고
    • Online, Available
    • MyDoom virus. [Online]. Available: http://www.us-cert.gov/cas/techalerts/ TA04-028A.html
    • MyDoom virus
  • 13
    • 0037278070 scopus 로고    scopus 로고
    • An efficient forward-backward algorithm for an explicit duration hidden Markov model
    • Jan
    • S.-Z. Yu and H. Kobayashi, "An efficient forward-backward algorithm for an explicit duration hidden Markov model," IEEE Signal Process. Lett., vol. 10, no. 1, pp. 11-14, Jan. 2003.
    • (2003) IEEE Signal Process. Lett , vol.10 , Issue.1 , pp. 11-14
    • Yu, S.-Z.1    Kobayashi, H.2
  • 15
    • 0021372019 scopus 로고
    • Sequential coding algorithms: A survey and cost analysis
    • Feb
    • J. B. Anderson and S. Mohan, "Sequential coding algorithms: A survey and cost analysis," IEEE Trans. Commun., vol. COM-32, pp. 169-176, Feb. 1984.
    • (1984) IEEE Trans. Commun , vol.COM-32 , pp. 169-176
    • Anderson, J.B.1    Mohan, S.2
  • 17
    • 77953077374 scopus 로고    scopus 로고
    • Flash crowds and denial of service attacks: Characterization and implications for CDNS and web sites
    • May
    • J. Jung, B. Krishnamurthy, and M. Rabinovich, "Flash crowds and denial of service attacks: Characterization and implications for CDNS and web sites," in Proc. 11th IEEE Int. World Wide web Conf., May 2002, pp. 252-262.
    • (2002) Proc. 11th IEEE Int. World Wide web Conf , pp. 252-262
    • Jung, J.1    Krishnamurthy, B.2    Rabinovich, M.3
  • 18
    • 27544453628 scopus 로고    scopus 로고
    • User centric walk: An integrated approach for modeling the browsing behavior of users on the web
    • Apr
    • S. Bürklen et al., "User centric walk: An integrated approach for modeling the browsing behavior of users on the web," in Proc. 38th Annu. Simulation Symp. (ANSS'05), Apr. 2005, pp. 149-159.
    • (2005) Proc. 38th Annu. Simulation Symp. (ANSS'05) , pp. 149-159
    • Bürklen, S.1
  • 19
    • 58449093074 scopus 로고    scopus 로고
    • Combining the web content and usage mining to understand the visitor behavior in a web site
    • Nov
    • J. Velásquez, H. Yasuda, and T. Aoki, "Combining the web content and usage mining to understand the visitor behavior in a web site," in Proc. 3rd IEEE Int. Conf. Data Mining (ICDM'03), Nov. 2003, pp. 669-672.
    • (2003) Proc. 3rd IEEE Int. Conf. Data Mining (ICDM'03) , pp. 669-672
    • Velásquez, J.1    Yasuda, H.2    Aoki, T.3
  • 21
    • 84890861404 scopus 로고    scopus 로고
    • A multi-layer model for anomaly intrusion detection using program sequences of system calls
    • Oct
    • X. D. Hoang, J. Hu, and P. Bertok, "A multi-layer model for anomaly intrusion detection using program sequences of system calls," in Proc. 11th IEEE Int. Conf. Networks, Oct. 2003, pp. 531-536.
    • (2003) Proc. 11th IEEE Int. Conf. Networks , pp. 531-536
    • Hoang, X.D.1    Hu, J.2    Bertok, P.3
  • 24
    • 61449161644 scopus 로고    scopus 로고
    • A. Sarika, A. Saumya, and G. Bryon, DDoS attack simulation, monitoring, and analysis, CS 590D: Security Topics in Networking and Distributed Systems Final Project Report, Apr. 29, 2004, Purdue University, West Lafayette, IN. [Online]. Available: http:// www.cs.purdue.edu/homes/bgloden/DDoS_Attack_Simulation.pdf.
    • A. Sarika, A. Saumya, and G. Bryon, "DDoS attack simulation, monitoring, and analysis," CS 590D: Security Topics in Networking and Distributed Systems Final Project Report, Apr. 29, 2004, Purdue University, West Lafayette, IN. [Online]. Available: http:// www.cs.purdue.edu/homes/bgloden/DDoS_Attack_Simulation.pdf.
  • 25
    • 0038052872 scopus 로고    scopus 로고
    • Random flow network modeling and simulations for DDoS attack mitigation
    • May
    • K. Jiejun et al., "Random flow network modeling and simulations for DDoS attack mitigation," in Proc. IEEE Int. Conf. Communications (ICC '03), May 2003, vol. 1, pp. 487-491.
    • (2003) Proc. IEEE Int. Conf. Communications (ICC '03) , vol.1 , pp. 487-491
    • Jiejun, K.1


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.