Network attacks: Taxonomy, tools and systems

Journal of Network and Computer Applications

Volumn 40, Issue 1, 2014, Pages 307-324

  Hoque, N ^a   Bhuyan, Monowar H ^a   Baishya, R C ^a   Bhattacharyya, D K ^a   Kalita, J K ^b  

^a TEZPUR UNIVERSITY   (India)

^b University of Colorado at Colorado Springs   (United States)

Author keywords

DoS; Network attacks; Protocol; Systems; Tools

Indexed keywords

COMPUTER SYSTEMS; DOS; NETWORK PROTOCOLS; RESEARCH; SURVEYS; TAXONOMIES; TOOLS;

NETWORK ATTACK; PUBLIC DOMAINS; RESEARCH CHALLENGES;

COMPUTER CRIME;

EID: 84896319063     PISSN: 10848045     EISSN: 10958592     Source Type: Journal    
DOI: 10.1016/j.jnca.2013.08.001     Document Type: Review

References (63)

1. Axelsson S. Intrusion detection systems: a survey and taxonomy. Technical Report, Chalmers University.
2. M. AydIn, A. Zaim, and K. Ceylan A hybrid intrusion detection system design for computer network security Computers and Electrical Engineering 35 3 2009 517 526
3. R. Barber Hacking techniques the tools that hackers use and how they are evolving to become more sophisticated Computer Fraud and Security 2001 3 2001 9 12
4. R. Beverly A robust classifier for passive TCP/IP fingerprinting Passive and Active Network Measurement 2004 158 167
5. M.H. Bhuyan, D.K. Bhattacharyya, and J.K. Kalita Surveying port scans and their detection methodologies The Computer Journal 54 2011 1565 1581
6. M.H. Bhuyan, D.K. Bhattacharyya, and J.K. Kalita Survey on incremental approaches for network anomaly detection International Journal of Communication Networks and Information Security 3 3 2011 226 239
7. Bhuyan M, Bhattacharyya D, Kalita J. NADO: network anomaly detection using outlier approach. In: Proceedings of the 1st international conference on communication, computing and security. New York, NY, USA: ACM; 2011c. p. 531-6.
8. M. Bhuyan, D. Bhattacharyya, and J. Kalita Network anomaly detection methods, systems and tools IEEE Communications Surveys and Tutorials Early Access 1 2013 1 34
9. Brahmi I, Yahia SB, Poncelet P. MAD-IDS: novel intrusion detection system using mobile agents and data mining approaches. In: Proceedings of the Pacific Asia conference on intelligence and security informatics. Berlin, Heidelberg: Springer-Verlag; 2010. p. 73-6.
10. V. Chandola, A. Banerjee, and V. Kumar Anomaly detection a survey ACM Computing Surveys 41 3 2009 15
11. W.-H. Chen, S.-H. Hsu, and H.-P. Shen Application of SVM and ANN for intrusion detection Computer and Operation Research 32 10 2005 2617 2634 (Pubitemid 40219764)
12. Y. Chen, K. Hwang, and W.-S. Ku Collaborative detection of DDoS attacks over multiple network domains IEEE Transactions on Parallel Distributed Systems 18 12 2007 1649 1662 (Pubitemid 350142414)
13. Chu J, Ge Z, Huber R, Ji P, Yates J, Yu Y-C. Alert-ID: analyze logs of the network element in real time for intrusion detection. In: Research in attacks, intrusions, and defenses. Springer; 2012. p. 294-313.
14. Conti G, Abdullah K. Passive visual fingerprinting of network attack tools. In: Proceedings of the 2004 workshop on visualization and data mining for computer security. Washington, DC, USA: ACM; 2004. p. 45-54. (Pubitemid 40821172)
15. I. Corona, G. Giacinto, and F. Roli Adversarial attacks against intrusion detection systems taxonomy, solutions and open issues Information Sciences 239 2013 201 225
16. B. Daniel, C. Julia, J. Sushil, and W. Ningning ADAM a testbed for exploring the use of data mining in intrusion detection ACM SIGMOD Record 30 4 2001 15 24
17. Danielle L. Introduction to DSNIFF. In: Global information assurance certification paper. SANS Institute; 2002.
18. H. Debar, M. Dacier, and A. Wespi Towards a taxonomy of intrusion-detection systems Computer Networks 31 8 1999 805 822
19. H. Debar, M. Dacier, and A. Wespi Towards a taxonomy of intrusion-detection systems Computer Networks 31 9 1999 805 822
20. Deri L, Carbone R, Suin S. Monitoring networks using ntop. In: Proceedings of the 2001 IEEE/IFIP international symposium on integrated network management. Seattle, WA, USA, IEEE; 2001. pp. 199-212.
21. N. Dhanjani, and J. Clarke Network security tools 2005 O'Reilly Media USA
22. Dickerson JE. Fuzzy network profiling for intrusion detection. In: Proceedings of the 19th international conference of the North American fuzzy information processing society. Atlanta; 2000. p. 301-6.
23. L. Ertoz, E. Eilertson, A. Lazarevic, P. Tan, V. Kumar, and J. Srivastava et al. MINDS-minnesota intrusion detection system Next Generation Data Mining 2004 199 218
24. P. Garcia-Teodoro, J. Diaz-Verdejo, G. Maciá-Fernández, and E. Vázquez Anomaly-based network intrusion detection techniques, systems and challenges Computers and Security 28 1 2009 18 28
25. P. Gogoi, D. Bhattacharyya, B. Borah, and J.K. Kalita A survey of outlier detection methods in network anomaly identification Computer Journal 54 4 2011 570 588
26. Hulboj MM, Jurga RE. CERN investigation of network behaviour and anomaly detection. In: Recent advances in intrusion detection. Berlin, Heidelberg: Springer; 2009. p. 353-4.
27. Jemili F, Zaghdoud M, Ben Ahmed M. A framework for an adaptive intrusion detection system using Bayesian network. In: Proceedings of the IEEE intelligence and security informatics; 2007. p. 66-70. (Pubitemid 47469216)
28. Kuang LV. DNIDS: a dependable network intrusion detection system using the CSI-KNN algorithm. Master's Thesis, Queen's University Kingston, Ontario, Canada; September 2007.
29. Labib K, Vemuri R. NSOM: a tool to detect denial of service attacks using self-organizing maps. Technical Report, Department of Applied Science University of California, Davis, California, USA; 2002.
30. Lazarevic A, Kumar V, Srivastava J. Intrusion detection: a survey. In: Managing cyber threats. Springer; 2005. p. 19-78.
31. F.-Y. Lee, and S.-P. Shieh Defending against spoofed DDoS attacks with path fingerprint Computers and Security 24 2005 571 586 (Pubitemid 41455416)
32. B. Li, J. Springer, G. Bebis, and M. Hadi Gunes A survey of network flow applications Journal of Network and Computer Applications 36 2 2013 567 581
33. R.P. Lippmann, and R.K. Cunningham Improving intrusion detection performance using keyword selection and neural networks Computer Networks 34 4 2000 597 603
34. T.F. Lunt A survey of intrusion detection techniques Computers and Security 12 4 1993 405 418
35. S. Mansfield-Devine Anonymous serious threat or mere annoyance? Network Security 2001 1 2011 4 10
36. J. Mirkovic, and P. Reiher D-ward a source-end defense against flooding denial-of-service attacks IEEE Transactions on Dependable Secure Computing 2 3 2005 216 232 (Pubitemid 41560432)
37. Mohajerani M, Moeini A, Kianie M. NFIDS: a neuro-fuzzy intrusion detection system. In: Proceedings of the 10th IEEE international conference on electronics, circuits and systems at the University of Sharjah in Sharjah, United Arab Emirates, vol. 1; 2003. p. 348-51.
38. Norton D. An Ettercap primer. SANS Institute InfoSec Reading Room; 2004.
39. Orebaugh A, Ramirez G, Beale J. Wireshark and Ethereal network protocol analyzer toolkit. Syngress; 2006.
40. V. Paxson Bro a system for detecting network intruders in real-time Computer Networks 31 23 1999 2435 2463
41. T. Peng, C. Leckie, and K. Ramamohanarao Survey of network-based defense mechanisms countering the DoS and DDoS problems ACM Computing Surveys (CSUR) 39 1 2007 3
42. E.S. Pilli, R. Joshi, and R. Niyogi Network forensic frameworks survey and research challenges Digital Investigation 7 1 2010 14 27
43. Pras A, Sperotto A, Moura GCM, Drago I, Barbosa R, Sadre R, et al. Attacks by "anonymous" Wikileaks proponents not anonymous. Technical Report 10.41, Design and Analysis of Communication Systems Group (DACS), University of Twente, Enschede, The Netherlands; 10 December 2010.
44. Ranjan S, Swaminathan R, Uysal M, Knightly E. DDoS-Resilient scheduling to counter application layer attacks under imperfect detection. In: Proceedings of the 25th IEEE international conference on computer communications. Barcelona, Spain; 2006. p. 1-13.
45. Roesch M. Snort - lightweight intrusion detection for networks. In: Proceedings of the 13th USENIX conference on system administration. Washington; 1999. p. 229-38.
46. Satten C. Lossless gigabit remote packet capture with linux, University of Washington Network Systems; 2007.
47. Schiffman MD. Libnet 101, part 1: The primer, Guardent security digital infrastructure; 2000. p. 1-10.
48. Sekar V, Duffield N, Spatscheck O, van der Merwe J, Zhang H. LADS: large-scale automated DDoS detection system. In: Proceedings of the annual conference on USENIX '06 annual technical conference. Berkeley, CA, USA: USENIX Association; 2006. p. 16.
49. S. Shah An introduction to HTTP fingerprinting Net-Square Solutions 2004 1 21
50. Sherif JS, Dearmond TG. Intrusion detection: systems and models. In: Proceedings of the 11th IEEE international workshops on enabling technologies: infrastructure for collaborative enterprises. Rome, Italy, IEEE; 2002. p. 115-33.
51. Singh S, Estan C, Varghese G, Savage S. Automated worm fingerprinting. In: Proceedings of the 6th symposium on operating systems design and implementation, vol. 6. Berkeley, CA, USA: USENIX Association; 2004. p. 4.
52. Song S, Ling L, Manikopoulo C. Flow-based statistical aggregation for network anomaly detection. In: Proceedings of the IEEE international conference on networking, sensing and control. Florida, USA: IEEE, Ft. Lauderdale; 2006. p. 786-91. (Pubitemid 46900587)
53. Subramoniam N, Pawar PS, Bhatnagar M, Khedekar NS, Guntupalli S, Satyanarayana N, et al. Development of a comprehensive intrusion detection system - challenges and approaches. In: Proceedings of the 1st international conference on information systems security. Kolkata, India; 2005. p. 332-5. (Pubitemid 43775420)
54. M. Uddin, A.A. Rehman, N. Uddin, J. Memon, R. Alsaqour, and S. Kazi Signature-based multi-layer distributed intrusion detection system using mobile agents International Journal of Network Security 15 1 2013 79 87
55. G. Vigna, and R.A. Kemmerer Netstat a network-based intrusion detection system Journal of Computer Security 7 1 1999 37 71
56. Wang K, Stolfo SJ. Anomalous payload-based network intrusion detection. In: Recent advances in intrusion detection. Springer; 2004. p. 203-22. (Pubitemid 39741895)
57. Y. Xie, and S.Z. Yu Monitoring the application-layer DDoS attacks for popular websites IEEE/ACM Transactions on Networking 17 1 2009 15 25
58. F. Yarochkin Remote OS detection via TCP/IP stack fingerprinting Phrack Magazine 17 3 1998 1 10
59. N. Ye, T. Ehiabor, and Y. Zhang First-order versus high-order stochastic models for computer intrusion detection Quality and Reliable Engineering International 18 3 2002 243 250 (Pubitemid 34699726)
60. Yeung KH, Fung D, Wong KY. Tools for attacking layer 2 network infrastructure. In: Proceedings of the international multiconference of engineers and computer scientists, vol. 2. Hong Kong; 2008. p. 1-6.
61. Yu J, Li Z, Chen H, Chen X. A detection and offense mechanism to defend against application layer DDoS attacks. In: Proceedings of the 3rd international conference on networking and services. IEEE, National University of Defense Technology, Changsha, 2007. p. 54-60.
62. Zhang Z, Li J, Manikopoulos C, Jorgenson J, Ucles J. HIDE: a hierarchical network intrusion detection system using statistical preprocessing and neural network classification. In: Proceedings of the 2nd annual IEEE systems, cybernetics information assurance workshop. West Point, NY, USA: IEEE Computer Society; 2001. p. 85-90.
63. C.V. Zhou, C. Leckie, and S. Karunasekera A survey of coordinated attacks and collaborative intrusion detection Computers and Security 29 1 2010 124 140