Siguiente: Apéndice D - Normativa legal Arriba: Sistemas de Detección de Intrusiones Previo: Apéndice B - Glosario
Esta bibliografía está basada en una lista iniciada y mantenida por Steve Smaha y su equipo de Haystack Labs junto con algunas modificaciones y actualizaciones hechas por Rebecca Bace. Yo he aprovechado para añadir algunas entradas más de reciente aparición, además de comprobar y actualizar las referencias existentes a documentos en Internet. Se ha procurado incluir en la siguiente lista exclusivamente aquellas referencias bibliográficas relacionadas de una u otra forma con la detección de intrusiones.
Abbott, Robert P., J.S. Chin, J.E. Donnelley, W.L. Konigsford, S. Tokubo, and D.A. Webb, Security Analysis and Enhancements of Computer Operating Systems. Technical report NBSIR 76 - 1041, Institute for Computer Science and Technology, National Bureau of Standards, 1976.
Anderson, James P. Computer Security Threat Monitoring and Surveillance. Fort Washington, PA: James P. Anderson Co., 1980.
_______. Computer Security Technology Planning Study. ESD-TR-73-51, v II. Electronic Systems Division, Air Force Systems Command, Hanscom Field, Bedford, MA, October 1972.
Anderson, Ross. Liability and Computer Security: Nine Principles. Third European Symposium on Research in Computer Security (ESORICS), Brighton, U.K., November 1994.
Anderson, Ross, and R. Needham. Programming Satan's Computer. Computer Science Today, Computer Science Today, Lecture Notes in Computer Science, Springer-Verlag, Heidelberg, Germany, v 1000: 426—441. Springer LNCS v 1000: 426—441.
Axelsson, Stefan. On a Difficulty of Intrusion Detection. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Axelsson, Stefan, U. Lindqvist, U. Gustafson, and E. Jonsson. An Approach to UNIX Security Logging. Proceedings of the Twenty-First National Information System Security Conference, Crystal City, VA, October 1998.
Bace, Rebecca. A New Look at Perpetrators of Computer Crime. Proceedings of the Sixteenth Department of Energy Computer Security Group Conference, Denver, CO, May 1994.
_______. Intrusion Detection. Macmillan Technical Publishing, 2000.
_______ and Peter Mell. Intrusion Detection Systems. [en línea]. [consultado en marzo, 2003]. Disponible en <http://csrc.nist.gov/publications/nistpubs/800-31/sp800-31.pdf>.
Balasubramaniyan, J. S., J. 0. García-Fernández, D. Isacoff, E. H. Spafford, and D. Zamboni. An Architecture for Intrusion Detection Using Autonomous Agents. COAST technical report 98/05, Purdue University, W. Lafayette, IN, June 1998.
Balasubramaniyan, Jai S., J. 0. Garcia-Fernandez, D. Isacoff, E. H. Spafford, and D. Zamboni. An Architecture for Intrusion Detection Using Autonomous Agents. Proceedings of the Fourteenth IEEE Computer Security Applications Conference, Tucson, AZ: 13 - 24, December 1998.
Baldwin, Robert W. Kuang: Rule-Based Security Checking. MIT, Lab for Computer Science Programming Systems Research Group, May 1994.
Baldwin, Robert W. Rule-Based Analysis of Computer Security. Massachusetts Institute of Technology, June 1987.
Banning, Debra, G. Ellingwood, C. Franklin, C. Muckinhirn, and D. Price. Auditing of Distributed Systems. Proceedings of the Fourteenth National Computer Security Conference, Washington, DC, October 1991.
Bauer, David S. and M. E. Koblentz. NIDX—An Expert System for Real-Time Network Intrusion Detection. Proceedings of the IEEE Computer Networking Symposium, New York, NY, pp. 98 - 106, April 1988.
Bishop, Matt. A Model of Security Monitoring. Proceedings of the Fifth Annual Computer Security Applications Conference, Tucson, AZ, December 1989.
_______. A Standard Audit Log Format. Proceedings of the 1995 National Information Systems Security Conference, Baltimore, MD, October 1995.
_______. Vulnerabilities Analysis: Extended Abstract. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Bishop, Matt, S. Cheung, C. Wee, J. Frank, J. Hoagland, and S. Samorodin. The Threat from the Net. IEEE Spectrum 34, no. 8(1997): 56 - 63.
Bishop, Matt and Michael Dilger. Checking for Race Conditions in File Access. Computing Systems 9, no. 2 (Spring 1996): 131 - 152.
Blain, Laurent and Yves Deswarte. An Intrusion-Tolerant Security Server for an Open Distributed System. Proceedings of the European Symposium on Research in Computer Security, Toulouse, France, October 1990.
Bradley, Kirk, S. Cheung, N. Puketza, B. Mukheijee, and B.. A. Olsson. Detecting Disruptive Routers: A Distributed Network Monitoring Approach. Proceedings of the Nineteenth IEEE Symposium on Security and Privacy, Oakland, CA, May 1998.
Brentano, James. An Expert System for Detecting Attacks on Distributed Computer Systems. Master thesis, Division of Computer Science, University of California, Davis, CA, March 1991.
Brentano, James, S. R. Snapp, G. V. Dias, T. L. Goan, L. T. Heberlein, C.-L. Ho, K. N. Leavitt, B. Mukherjee, and S. E. Smaha. An Architecture for a Distributed Intrusion System. DOE Computer Security Conference, Las Vegas, NV, March 1991.
Bridges, Susan M. and Rayford B. Vaughn. Fuzzy Data Mining and Genetic Algorithms applied to Intrusion Detection. Mississippi State University.
Carrettoni, F., S. Castano, G. Martella, and P. Samarati. RETISS: A Real Time Security System for Threat Detection Using Fuzzy Logic. Proceedings of the Twenty-Fifth Annual IEEE International Carnahan Conference on Security Technology, Taipei, Taiwan, October 1991.
Cheswick, William. An Evening with Berferd in Which a Cracker Is Lured, Endured, and Studied. Proceedings of USENIX Security Conference, San Francisco, CA, Winter 1992.
Cheung, Steven, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, J. Rowe, S. Staniford-Chen, B.. Yip, and D. Zerkle. The Design of GrIDS: A Graph-Based Intrusion Detection System. University of California, Davis, Computer Science Department technical report CSE-99 - 2 1999.
Cheung, Steven and K. N. Levitt. Protecting Routing Infrastructures from Denial of Service Using Cooperative Intrusion Detection. Proceedings New Security Paradigms Workshop 1997, Cumbria, U.K., September 1997.
Chung, Christina, M. Gertz, and K. Levitt. Misuse Detection in Database Systems Through User Profiling. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Chung, Mandy, N. Puketza, R. A. Olsson, and B. Mukherjee. Simulating Concurrent Intrusions for Testing Intrusion Detection Systems: Parallelizing Intrusions. Proceedings of the 1995 National Information Systems Security Conference, Baltimore, MD, October 1995.
Christoph, Gary G., K. A. Jackson, M. C. Neumann, C. L. B. Siciliano, D. D. Simmonds, C. A. Stallings, and J. L. Thompson. UNICORN: Misuse Detection for UNICOS. Proceedings of Supercomputing '95, San Diego, CA, December 1995.
Clyde, Allen R. Insider Threat Identification Systems. Proceedings of the Tenth National Computer Security Conference, Washington, DC, September 1987.
_______. A Surveillance-Gate Model for Automated Information Security and Insider Threat Identification on Sensitive Computer Systems. Proceedings of the Second Insider Threat Identification Systems Conference, Rockville, MD, April 1987.
_______. Suspicious Event Testing and Weighted Scoring for the Analysis of a Surveillance Data Set. Proceedings of the Third Insider Threat Identification Systems Conference, Rockville, MD, April 1987.
Crosbie, Mark. Applying Genetic Programming to Intrusion Detection. Proceedings of 1995 AAAI Fall Symposium on Genetic Programming, San Jose, CA, November 1995.
Crosbie, Mark, B. Dole, T. Ellis, I. Krsul, and E. H. Spafford. IDIOT - Users Guide. Technical report TR-96 - 050, Purdue University, COAST Laboratory, W. Lafayette, IN, September 1996.
Crosbie, Mark, and E. H. Spafford. Defending a Computer System Using Autonomous Agents. Proceedings of the Eighteenth National Information Systems Security Conference, Baltimore, MD, October 1995.
D.C.I. Intelligence Information Handling Committee. Proceedings of the 1987 Intrusion Detection Expert System Conference, Vienna, VA, November 1987.
Debar, Herve, M. Becker, and D. Siboni. A Neural Network Component for an Intrusion Detection System. Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1992.
_______ and B. Dorizzi. An Application of a Recurrent Network to an Intrusion Detection System. Proceedings of the International Joint Conference on Neural Networks, Baltimore, MD, June 1992.
Denning, Dorothy E. An Intrusion Detection Model. Proceedings of the 1986 IEEE Symposium on Security and Privacy, Oakland, CA, April 1986.
_______, D. Edwards, R. Jagannathan, T. Lunt, and P. G. Neumann. A Prototype IDES - A Real-Time Intrusion Detection Expert System. Final report, Computer Science Lab, SRI International, Menlo Park, CA, August 1987.
_______. and P. G. Neumann. Requirements and Model for IDES - A Real-Time Intrusion Expert System. Technical report, Computer Science Lab, SRI International, Menlo Park, CA, August 1985.
de Queiroz, Jose Duarte, L. F. Rust da Costa Carmo, L. Pirmez. Micael: An Autonomous Mobile Agent System to Protect Networked Applications of New Generation. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Dias, Gihan, K. N. Levitt, and B. Mukherjee. Modeling Attacks on Computer Systems: Evaluating Vulnerabilities and Forming a Basis for Attack Detection. SRI Intrusion Detection Workshop 5, Menlo Park, CA, May 1990.
Dickerson, John E., Jukka Juslin, Ourania Koukousoula, Julie A. Dickerson. Fuzzy Intrusion Detection. Electrical and Computer Engineering Department. Iowa State University.
Doak, Justin. Intrusion Detection: The Application of Feature Selection, a Comparison of Algorithms, and the Application of a Network Analyzer. Master thesis, University of California, Davis, CA, September 1992.
Dowell, Cheri and P. Ramstedt. The Computerwatch Data Reduction Tool. Proceedings of the Thirteenth National Computer Security Conference, Washington, DC, October 1990.
Farmer, D. and E. H. Spafford. The Cops Security Checker System. In the Proceedings of the Summer of 1990 Usenix Conference, Anaheim, CA: 165 - 170, June 1990.
Farmer, Dan, and W. Venema. Improving the Security of Your Site by Breaking into It. Internet [en línea]. 1993 [consultado en junio, 2003] Disponible desde <http://www.fish.com>.
Farmer, D. and W. Venema. Security Administrator's Tool for Analyzing Networks (SATAN). [en línea]. [consultado en junio, 2003] Disponible desde <http://www.fish.com/zen/satan/satan.htm1>.
Feiertag, Richard, L. Benzinger, S. Rho, and S. Wu. Intrusion Detection Intercomponent Adaptive Negotiation. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Frank, Jeremy. Machine Learning and Intrusion Detection: Current and Future Directions. Proceedings of the Seventeenth National Computer Security Conference, Baltimore, MD, October 1994.
Frincke, Deborah, D. Tobin, and Y. Ho. Planning, Petri Nets, and Intrusion Detection. Proceedings of Twenty-First National Information System Security Conference, Crystal City, VA, October 1998.
Garvey, Thomas D. and T. Lunt. Model-Based Intrusion Detection. Proceedings of the Fourteenth National Computer Security Conference, Washington, DC, October 1991.
Gates, James D. Tools for Identifying the Source of Security Breaches. Proceedings of the Third Insider Threat Identification Systems Conference, Rockville, MD, April 1987.
Gross, Andrew H. Analyzing Computer Intrusions. Ph.D. thesis, University of California, San Diego, Department of Computer Sciences, San Diego, CA, 1997.
Guha, Biswaroop and B. Mukherjee. Network Security via Reverse Engineering of TCP Code: Vulnerability Analysis and Proposed Solutions. Proceedings of the IEEE Infocom '96, San Francisco, CA, March 1996.
Gupta, S. and V. D. Gligor. Experience with a Penetration Analysis Method and Tool. Proceedings of the Fifteenth National Computer Security Conference, Baltimore, MD, October 1992.
Habra, N., B. Le Charlier, and A. Mounji. Preliminary Report on Advanced Security Audit Trail Analysis on UNIX. Universitaires Notre Dame de la Paix, Namur, Belgium, Research report, December 1991.
_______, B. Le Charlier, and A. Mounji. Advanced Security Audit Trail Analysis on UNIX: Implementation Design of the NADF Evaluator. Research report, Universitaires Notre Dame de Ia Paix, Namur, Belgium, March 1993.
_______, B. Lc Charlier, A. Mounji, and I. Mathieu. ASAXL Software Architecture and Rule-Base Language for Universal Audit Trail Analysis. Proceedings of the Second European Symposium on Research in Computer Security (ESOBJCS), Toulouse, France, November 1992.
Halme, Lawrence K and B.. K. Bauer. AJNT Misbehaving - A Taxonomy of Antiintrusion Techniques. Proceedings of the Eighteenth National Information Systems Security Conference, Baltimore, MD, October 1995.
_______ and Brian L. Kahn. Building a Security Monitor with Adaptive User Work Profiles. Proceedings of the Eleventh National Computer Security Conference, Washington, DC, October 1988.
_______ and J. V. Home. Automated Analysis of Computer System Audit Trails for Security Purposes. Proceedings of the Ninth National Computer Security Conference, Washington, DC, September 1986.
Hansen, Stephen E. and T. Atkins. Automated System Monitoring and Notification with Swatch. Proceedings of the USENIX Systems Administration (LISA VII) Conference, Monterey, CA, November 1993.
Haskins, Denis H. Keeping Watch on a VAX. Digital Review, December 16, 1988.
Heady, Richard, G. Luger, A. B. Maccabe, and M. Servilla. The Architecture of a Network Level Intrusion Detection System. Technical report CS90 - 20, Department of Computer Science, University of New Mexico, Albuquerque, NM, August 1990.
_______, G. Luger, A. B. Maccabe, M. Servilla, and J. Sturtevant. The Prototype Implementation of a Network Level Intrusion Detection System. Technical Report CS9 1 - 11, Department of Computer Science, University of New Mexico, Albuquerque, NM, April 1991.
Heberlein, Todd. Network Security Monitor (NSM) - Final Report. Lawrence Livermore National Laboratory, Davis, CA, February 1995.
_______ and M. Bishop. Attack Class: Address Spoofing. Nineteenth National Information Systems Security Conference, Baltimore, MD, October 1996.
_______, K. Levitt, and B. Mukherjee. A Network Security Monitor. Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1990.
_______, K. Levitt, and B. Mukherjee. A Method to Detect Intrusive Activity in a Networked Environment. Proceedings of the Fourteenth National Computer Security Conference, Washington, DC, October 1991.
_______, B. Mukherjee, and K. N. Levitt. Internetwork Security Monitor. Proceedings of the Fifteenth National Computer Security Conference, October 1992.
_______, B. Mukherjee, K. N. Levitt, and G. Dias (with D. Mansur). Towards Detecting Intrusions in a Networked Environment. Proceedings of the Fourteenth Department of Energy Computer Security Group Conference, May 1991.
Helman, Paul and G. Liepins. Statistical Foundations of Audit Trail Analysis for the Detection of Computer Misuse. IEEE Transactions on Software Engineering 19, no. 9(1993): 886 - 901.
_______ G. Liepins, and W. Richards. Foundations of Intrusion Detection. Proceedings of the Fifth Computer Security Foundations Workshop, Franconia, NH, June 1992.
Hoagland, J., S. Staniford. Silicon Defense. SPICE / SPADE. [en línea]. Actualizado con frecuencia [consultado en marzo, 2003]. Disponible desde Internet en <http://www.silicondefense.com/software/spice/>.
_______, C. Wee, and K. N. Levitt. Audit Log Analysis Using the Visual Audit Browser Toolkit. University of California, Davis, Computer Science Department technical report CSE-95 - 11, 1995.
IBM Research, Zurich Research Laboratory. Andreas Wespi, Marc Dacier, and Herv´e Debar. Intrusion Detection Using Variable-Length Audit Trail Patterns. Springer-Verlag Berlin Heidelberg, 2000.
Ilgun, Koral. USTAT: A Real-Time Intrusion Detection System for UNIX. Master thesis, University of California, Santa Barbara, CA, November 1992.
_______. US TAT: A Real-Time Intrusion Detection System for UNIX. Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1993.
_______, R. A. Kemmerer, and P. A. Porras. State Transition Analysis: A Rule-Based Intrusion Detection Approach. IEEE Transactions on Software Engineering 21, no. 3 (March 1995): 181 - 199.
Jackson, Kathleen A., D. DuBois, and C. Stallings. An Expert System Application for Network Intrusion Detection. Proceedings of the Fourteenth National Computer Security Conference, Washington, DC, October 1991.
_______, M. C. Neumann, D. Simmonds, C. Stallings, J. Thompson, and G. Christoph. An Automated Computer Misuse Detection System for UNICOS. Proceedings of the Cray Users Group Conference, Tours, France, October 1994.
Jajodia, S., S. K. Gadia, G. Bhargava, and E. H. Sibley. Audit Trail Organization in Relational Databases. Proceedings of the 1989 IFIP Workshop on Database Security, Monterey, CA, September 1989.
Javitz, Harold S. and Valdes, A. The SRI IDES Statistical Anomaly Detector. Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1991.
Josué Kuri, Gonzalo Navarro, Ludovic Mé, Laurent Heye. A Pattern Matching Based Filter for Audit Reduction and Fast Detection of Potential Intrusions. Springer-Verlag Berlin Heidelberg, 2000.
Kahn, Clifford, P. Porras, S. Staniford-Chen, and B. Tung. A Common Intrusion Detection Framework. Submitted to the Journal of Computer Security, July 1998.
Kelsey, John and B. Schneier. Minimizing Bandwidth for Remote Access to Cryptographically Protected Audit Logs. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Kerchen, Paul, R. Lo, J. Crossley, G. Elkinbard, and R. Olsson. Static Analysis Virus Detection Tools for UNIX Systems. Proceedings of the Thirteenth National Computer Security Conference, Washington, DC, October 1990.
Kim, Gene H. and E. H. Spafford. Writing, Supporting, and Evaluating Tripwire: A Publicly Available Security Tool. Proceedings of the USENIX UNIX Applications Development Symposium: 89 - 107, 1994.
King, Maria M. Identifying and Controlling Undesirable Program Behaviors. Proceedings of the Fourteenth National Computer Security Conference, Washington, DC, October 1991.
Ko, Calvin C. W. Execution Monitoring of Security-Critical Programs in a Distributed System: A Specification-Based Approach. Ph.D. thesis, University of California, Davis, CA, August 1996.
_______, G. Fink, and K. Levitt. Automated Detection of Vulnerabilities in Privileged Programs by Execution Monitoring. Proceedings of the Tenth Annual Computer Security Applications Conference, Orlando, FL, December 1994.
_______, G. Fink, and K Levitt. 'Execution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-Based Approach. Proceedings of the IEEE Symposium on Security and Privacy, May 1997.
_______, D. Frincke, T. Goan, L. T. Heberlein, K. Levitt, B. Mukherjee, and C. Wee. Analysis of an Algorithm for Distributed Recognition and Accountability. Proceedings of the First ACM Conference on Computer and Communication Security. Fairfax, VA, November 1993.
Kogan, Boris and S. Jajodia. An Audit Model for Object-Oriented Databases. Proceedings of the Seventh Computer Security Applications Conference, San Antonio, TX, December 1991.
Kuhn, Jeffrey D. Research Toward Intrusion Detection Through the Automated Abstraction of Audit Data. Proceedings of the Ninth National Computer Security Conference, Washington, DC, September 1986.
Kumar, Sandeep. Classification and Detection of Computer Intrusions. Ph.D. thesis, Purdue University Department of Computer Sciences, W. Lafayette, IN, 1995.
_______ and E. Spafford. A Pattern Matching Model for Misuse Intrusion Detection. Proceedings of the Seventeenth National Computer Security Conference, Baltimore, MD, October 1994.
_______ and E. Spafford. A Software Architecture to Support Misuse Intrusion Detection. CSD-TR-95 - 009, Department of Computer Sciences, Purdue University, W. Lafayette, IN, 1995.
Lane, Terran and Carla E. Brodley. An Application of Machine Learning to Anomaly Detection. Proceedings of the Twentieth National Information System Security Conference, Baltimore, MD, October 1997.
_______ and Carla E. Brodley. Detecting the Abnormal: Machine Learning in Computer Security. Purdue University, January 1997.
_______ and Carla E. Brodley. Sequence Matching and Learning in Anomaly Detection for Computer Security. Purdue University, 1997.
Lankewicz, Linda and M. Benard. A Nonparametric Pattern Recognition Approach to Intrusion Detection. Technical report TUTR 90 - 106, Tulane University Department of Computer Science, New Orleans, LA, October 1990.
_______ and M. Benard. Real-Time Anomaly Detection Using a Nonparametric Pattern Recognition Approach. Proceedings of the Seventh Computer Security Applications Conference, San Antonio, TX, December 1991.
Leach, John and Gianni Tedesco. Firestorm. [en línea]. 2002 [consultado en abril, 2003]. Disponible en <http://www.scaramanga.co.uk/firestorm/index.html>.
Lee, Wenke and S. J. Stolfo. Combining Knowledge Discovery and Knowledge Engineering to Build IDSs. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
_______, S. J. Stolfo, and K. W. Mok. A Data Mining Framework for Building Intrusion Detection Models. Proceedings of the Twentieth IEEE Symposium on Security and Privacy, Oakland, CA, 1999.
_______, Wei Fan, Mattew Miller, Salvatore J. Stolfo, Philip K. Chan. Using Anomalies to Detect Unknown and Known Network Intrusions. College of Computing. Georgia Tech. IBM T.J. Watson Research. Columbia University. Computer Science, Florida Tech. November 2001.
_______, and Salvatore J. Stolfo. Adaptative Intrusion Detection: a Data Mining Approach. Computer Science Department, Columbia University, 2000.
_______, Rahul A. Nimbalkar, Kam K. Yee, Sunil B. Patil, Pragneshkumar H. Desai, Thuan T. Tran, and Salvatore J. Stolfo. A Data Mining and CIDF Based Approach for Detecting Novel and Distributed Intrusions. Computer Science Department, North Carolina State University. Computer Science Department, Columbia University, October 2000.
_______, Salvatore J. Stolfo, Kui W. Mok. Mining Audit Data to Build Intrusion Detection Models. Computer Science Department, Columbia University, August 1998.
Lemmonier, E. Protocol Anomaly Detection in Network-based IDSs. Defcom, Sweden, Stockholm, 28 de junio de 2001.
Levitt, Karl, ed. Proceedings of Workshop on Future Directions in Computer Misuse and Anomaly Detection. University of California, Davis, CA, April 1992.
Lichtman, Zavdi and John Kimmins. An Audit Trail Reduction Paradigm Based on Trusted Processes. Proceedings of the Thirteenth National Computer Security Conference, Washington, DC, October 1990.
Liepins, Gunar E. and H. S. Vaccaro. Anomaly Detection: Purpose and Framework. Proceedings of the Twelfth National Computer Security Conference, Washington, DC, October 1989.
_______ and H. S. Vaccaro. Intrusion Detection: Its Role and Validation. Computers and Security, v 11, Oxford, UK: Elsevier Science Publishers, Ltd, 1992: 347 - 35 5.
Lindqvist, Ulf, E. Jonsson, and P. Kaijser. The Remedy Dimension of Vulnerability Analysis. Proceedings of Twenty-First National Information System Security Conference, Crystal City, VA, October 1998.
Lundin, Emilie and E. Jonsson. Privacy versus Intrusion Detection Analysis. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Lunt, Teresa. Automated Audit Trail Analysis and Intrusion Detection: A Survey. Proceedings of the Eleventh National Computer Security Conference, Washington, DC, October 1988.
_______. Real-Time Intrusion Detection. Proceedings of COMPCON Spring '89, San Francisco, CA, February 1989.
_______ and R. Jagannathan. A Prototype Real-Time Intrusion Detection Expert System. Proceedings of the 1988 IEEE Symposium on Security and Privacy, Oaldand, CA, April 1988.
_______, R. Jagannathan, R. Lee, S. Listgarten, D. L. Edwards, P. G. Neumann, H. S. Javitz, and A. Valdez. IDES: The Enhanced Prototype. Computer Science Lab, SRI International, Menlo Park, CA, October 1988.
_______, et al. Knowledge-Based Intrusion Detection. Proceedings of the AT Systems in Government Conference, Washington, DC, March 1989.
_______, et al. A Real-Time Intrusion Detection Expert System (IDES). Computer Science Lab, SRI International, Menlo Park, CA, May 1990.
_______, et al. IDES: A Progress Report. Proceedings of the Sixth Annual Computer Security Applications Conference, Tucson, AZ, December 1990.
McAuliffe, Noelle, D. Wolcott, L. Schaefer, N. Kelem, B. Hubbard, and T. Haley. Is Your Computer Being Misused? A Survey of Current Intrusion Detection Technology. Proceedings of the Sixth Annual Computer Security Applications Conference, Tucson, AZ, December 1990.
McConnell, Jesse, D. A. Frincke, D. Tobin, J. Marconi, and D. Polla. A Framework for Cooperative Intrusion Detection. Proceedings of Twenty-First National Information System Security Conference, Crystal City, VA, October 1998.
McKosky, Robert. An Aposteriori Computer Security System to Identify Computer Viruses. PhD Thesis, University of Alabama in Huntsville, Huntsville, AL, 1989.
Mahoney, Matthew, P. K. Chan. Learning Models of Network Traffic for Detecting Novel Attacks. Florida Tech. technical report 2002-08. Disponible en <http://cs.fit.edu/~tr />
_______, P. K. Chan, Learning Nonstationary Models of Normal Network Traffic for Detecting Novel Attacks, Edmonton, Alberta: Proc. SIGKDD, 2002, 376-385.
_______, P. K. Chan, PHAD: Packet Header Anomaly Detection for Identifying Hostile Network Traffic, Florida Tech. technical report 2001-04. Disponible en <http://cs.fit.edu/~tr/ >.
_______, V.Network Traffic Anomaly Detection Based on Packet Bytes. Florida Institute of Technology, Melbourne, Florida, 2003.
Mandanaris, Stefanos, M. Christensen, D. Zerkle, and K. Hermis. A Data Mining Analysis of RTID Alarms. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Mansfield, Glenn, K. Ohta, Y. Takei, N. Kato, and Y. Nemoto. Towards Trapping Wily Intruders in the Large. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Mé, Ludovic. Security Audit Trail Analysis Using Genetic Algorithms. Proceedings of the Twelfth International Conference on Computer Safety, Reliability, and Security, Poznan, Poland, October 1993.
_______. GASSATA, a Genetic Algorithm as an Alternative Tool for Security Audit Trails Analysis. First International Workshop on the Recent Advances in Intrusion Detection, Louvain-la-Neuve, Belgium, September 1998.
Mell, Peter and M. McLarnon. Mobile Agent Attack Resistant Distributed Hierarchical Intrusion Detection Systems. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Moitra, Abba. Real-Time Audit Log Viewer and Analyzer. Proceedings of the Fourth Workshop on Computer Security Incident Handling, Denver, CO, August 1992.
Mounji, A. Languages and Tools for Rule-Based Distributed Intrusion Detection. Thesis, Faculte's Universitaires Notre-Dame de Ia Paix, Namur, Belgium, September 1997.
Mutaf, Pars. Defending Against a Denial-of-Service Attack on TCP. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
National Computer Security Center. Department of Defense Trusted Computer System Evaluation Criteria. Orange Book, DOD 5200.28-std, December 1985.
_______. DoD Trusted Computer System Evaluation Criteria. DoD 5200.28 - STD, December 1985.
_______. Glossay of Computer Security Terms. Versión 1, Rainbow Series, octubre 1988.
_______. A Guide to Understanding Audit in Trusted Systems. NCSC-TG-OO1, v 2, June 1988.
Neumann, Peter G. and D. B. Parker. A Summary of Computer Misuse Techniques. Proceedings of the Twelfth National Computer Security Conference, October 1989.
_______ and P. A. Porras. Experience with EMERALD to Date. First USENIX Workshop on Intrusion Detection and Network Monitoring, Santa Clara, CA, April 1999.
NFR. Network Flight Recorder. [en línea]. Fecha no disponible [consultado en marzo, 2003]. Disponible desde Internet <http://www.nfr.net>.
O'Brien, David. Recognizing and Recovering from Rootkit Attacks. Sys Admin 5, no. 11, November 1996.
Ong, T. H., C. P. Tan, Y. T. Tan, C. K. Chew, and C. Ting. SNMS - Shadow Network Management System. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Paxson, Vern. Bro: A System for Detecting Network Intruders in Real Time. Seventh USENIX Security Symposium, San Antonio, TX, January 1998.
_______ and M. Handley. Defending Against Network IDS Evasion. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
_______, Bro: A System for Detecting Network Intruders in Real-Time. Lawrence Berkeley National Laboratory, Berkeley, CA and AT&T Center for Internet Research at ICSI, Berkeley, CA. [en línea]. 14 de diciembre de 1999 [consultado en marzo de 2003]. Disponible desde Internet en <http://www.icir.org/vern/bro-info.html>
Piccioto, Jeffrey. The Design of an Effective Auditing Subsystem. Proceedings of the 1987 IEEE Symposium on Security and Privacy, Oakland, CA, April 1987.
Porras, Phiffip. STAT, a State Transition Analysis Tool for Intrusion Detection. Master thesis, Computer Science Department, University of California, Santa Barbara, CA, July 1992.
_______ and R. A. Kemmerer. Penetration State Transition Analysis: A Rule-Based Intrusion Detection Approach.Proceedings of the Eighth Annual Computer Security Applications Conference, San Antonio, TX, November 1992.
_______ and Peter Neumann. EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances. Proceedings of Twentieth National Information System Security Conference, Baltimore, MD, October 1997.
Price, Katherine E. Host-Based Misuse Detection and Conventional Operating Systems' Audit Data Collection. Master thesis, Purdue University, W. Lafayette, IN, December 1997.
Ptacek, Thomas H. and T. Newsham. Insertions, Evasion, and Denial of Service: Eluding Network Intrusion Detection. [en línea]. Enero 1998 [consultado en junio, 2003] Disponible desde < http://www.securityfocus.com/data/library/ids.ps>.
Puketza, Nick, M. Chung, R. A. Olsson, and B. Mukherjee. A Software Platform for Testing Intrusion Detection Systems. IEEE Software 14, no. 5 (1997): 43 - 5 1.
_______, B. Mukherjee, R. A. Olsson, and K. Zhang. Testing Intrusion Detection Systems: Design Methodologies and Results from an Early Prototype. Proceedings of the Seventeenth National Computer Security Conference, Baltimore, MD, October 1994.
_______, K. Zhang, M. Chung, B. Mukherjee, and R. A. Olsson. A Methodology for Testing Intrusion Detection Systems. IEEE Transactions on Software Engineering 22, no. 10: 719 - 729, October 1996.
Rao, K. N. Security Audit for Embedded Avionics Systems. Proceedings of the Fifth Annual Computer Security Applications Conference, Tucson, AZ, December 1989.
Roesch, Marty et al. Snort.org. [en línea]. Actualizado semanalmente [consultado en marzo de 2003]. Disponible en <http://www.snort.org >.
Saltzer, Jerome H. and Michael D. Schroeder. The Protection of Information in Computer Systems. Proceedings of the IEEE, 63, no. 9: 1278 - 1308, September 1975.
Schaefer, Marvin, B. Hubbard, D. Sterne, T. K. Haley, J. N. McAuliffe, and D. Woolcott. Auditing: A Relevant Contribution To Trusted Database Management Systems. Proceedings of the Fifth Annual Computer Security Applications Conference, Tucson, AZ, December 1989.
Schaen, Samuel I. and B. McKenney. Network Auditing: Issues and Recommendations. Proceedings of the Seventh Computer Security Applications Conference, San Antonio, TX, December 1991.
Schneier, Bruce and J. Kelsey. Cryptographic Support for Secure Logs on Untrusted Machines. Proceedings of Seventh USENIX Security Symposium San Antonio, TX: 53 - 62, January 1998.
_______ and J. Kelsey. Secure Audit Logs to Support Computer Forensics. ACM Transactions on Information and System Security 1, no. 3 (1999), to appear.
Sebring, Michael M., E. Shellhouse, M. E. Hanna, and R. A. Whitehurst. Expert Systems in Intrusion Detection: A Case Study. Proceedings of the Eleventh National Computer Security Conference, Washington, DC, October 1988.
Seiden, Kenneth F. and J. P. Melanson. The Auditing Facility for a VMM Security Kernel. Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1990.
Seleznyov, Alexandr and S. Puuronen. Anomaly Intrusion Detection Systems: Handling Temporal Relations Between Events. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Shieh, S. W. and V. D. Gligor. Auditing the Use of Covert Storage Channels in Secure Systems. Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1990.
_______ and V. D. Gligor. A Pattern-Oriented Intrusion Detection Model and Its Applications. Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1991.
Shostack, Adam and Scott Blake. Towards a Taxonomy of Network Security Assessment Techniques. Proceedings of 1999 Black Hat Briefings, Las Vegas, NV, July 1999.
Sibert, W. Olin. Auditing in a Distributed System: SunOS MLS Audit Trails. Proceedings of the Eleventh National Computer Security Conference, Washington, DC, October 1988.
_______. Malicious Data and Computer Security. Proceedings of Nineteenth National Information System Security Conference, Baltimore, MD, October 1996.
Simonian, Richard, et al. A Neural Network Approach Towards Intrusion Detection. Proceedings of the Thirteenth National Computer Security Conference, Washington, DC, October 1990.
Smaha Steve E. An Intrusion Detection System for the Air Force. Proceedings of the Fourth Aurospace Computer Security Applications Conference, Orlando, FL, December 1988.
_______. Haystack: An Intrusion Detection System. Proceedings of the IEEE Fourth Aerospace Computer Security Applications Conference, Orlando, FL, December 1988.
_______ and S. Snapp. Method and System for Detecting Intrusion into and Misuse of a Data Processing System. US555742, U.S. Patent Office, September 17, 1996.
_______ and J. Winslow. Misuse Detection Tools. Computer Security Journal 10, no. 1, Spring 1994.
Smith, C. Fred. Some Unintended Legal Consequences of Intentional Technological Disasters. Second Pacific Institute of Computer Security Workshop, San Diego, CA, February 1999.
_______ and Erin Kenneally. The Ties That Bind and Set Them Pleaing - Testimony from the Envisioned Trial of Kevin Mitnick. Second Pacific Institute of Computer Security Workshop, San Diego, CA, February 1999.
Snapp, Steven R., J. Brentano, G. Dias, T. Goan, T. Grance, T. Heberlein, C. Ho, K. Levitt, B. Mukheijee, D. Mansur, K. Pon, and S. Smaha. A System for Distributed Intrusion Detection. Proceedings of COMPCON Spring '91, San Francisco, CA, February 1991.
_______, J. Brentano, G. Dias, T. Goan, T. Heberlein, C. Ho, K. Levitt, B. Mukherjee, S. Smaha, T. Grance, D. Teal, and D. Mansur. DIDS (Distributed Intrusion Detection System) Motivation, Architecture, and an Early Prototype. Proceedings of the Fourteenth National Computer Security Conference, Washington, DC, October 1991.
_______, B. Mukherjee, and K. N. Levitt. Detecting Intrusions Through Attack Signature Analysis. Proceedings of the Third Workshop on Computer Security Incident Handling. Herndon, VA, August 1991.
Sobirey, M., B. Richter, and H. Konig. The Intrusion Detection System AID: Architecture, and Experiences in Automated Audit Analysis. Proceedings of the IFIPTC6/TC1 1 International Conference on Communications and Multimedia Security, Essen, Germany, September 1996.
Sommer, Peter. Intrusion Detection Systems as Evidence. First International Workshop on the Recent Advances in Intrusion Detection, Louvain-la-Neuve, Belgium, September 1998.
SRI International. System Design Laboratory Laboratory - Intrusion Detection. [en línea]. Fecha no disponible [consultado en enero, 2003]. Next-Generation IDES (NIDES). Disponible desde Internet <http://www.sdl.sri.com/programs/intrusion/history.html>.
Staniford-Chen, Stuart, S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, C. Wee, R. Yip, and D. Zerkle. GrIDS - A Graph-Based Intrusion Detection System for Large Networks. Nineteenth National Information Systems Security Conference, Baltimore, MD, October 1996.
_______, and L. Todd Heberlein. Holding Intruders Accountable on the Internet. Proceedings of the 1995 IEEE Symposium on Security and Privacy, Oakland, CA, May 1995.
Sundaram, Aurobindo. An Introduction to Intrusion Detection. Crossroads: The ACM Student Magazine 2, no.4 (April 1996) available at www.acm.org/crossroads/xrds2 - 4/ intrus. html.
Sytek, Inc. Analysis of Computer System Audit Trails. Sytek technical reports 85009, 85018,86005, 86007, Mountain View, CA, 1985 - 1986.
_______. Al and 4GL: Automated Detection and Investigation and Detection Tools. Proceedings of the IFIP Security Conference, Sydney, Australia, 1988.
Teng, H. S., K. Chen, and S. C. Y. Lu. Adaptive Real-Time Anomaly Detection Using Inductively Generated Sequential Patterns. Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1990.
_______, Kaihu Chen and Stephen C. Lu. Security Audit Trail Analysis Using Inductively Generated Predictive Rules. Proceedings of the 11th National Conference on Artificial Intelligence Applications, pages 24-29, IEEE, IEEE Service Center, Piscataway, NJ, March 1990.
Ting, Christopher, T. H. Ong, Y. T. Tan, and P. Y. Ng. Intrusion Detection, Internet Law Enforcement, and Insurance Coverage to Accelerate the Proliferation of Internet Business. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
TRW Defense Systems Group. Intrusion Detection Expert System Feasibility Study. Final report 46761, 1986.
Tsudik, G. and R. Summers. AudES - An Expert System for Security Auditing. Proceedings of the AAAI Conference on Innovative Applications in Al, San Jose, CA, May 1990, reprinted in Computer Security Journal 6, no. 1 (1990): 89 - 93.
United Nations Committee on Crime Prevention and Control. International Review of Criminal Policy - United Nations Manual on the Prevention and Control of ComputerRelated Crime. Revisions 43 and 44, New York, NY, 1999.
Vaccaro, Henry S. and G. E. Liepins. Detection of Anomalous Computer Session Activity. Proceedings of the 1989 IEEE Symposium on Security and Privacy, Oakland, CA, May 1989.
Valcarce, E. M., G. W. Hoglund, L. Jansen, and L. Baillie. ESSENSE: An Experiment in Knowledge-Based Security Monitoring and Control. Proceedings of the Third USENIX Unix Security Symposium, Baltimore, MD, September 1992.
Vert, Greg, D. A. Frincke, and J. McConnell. A Visual Mathematical Model for Intrusion Detection. Proceedings of Twenty-First National Information System Security Conference, Crystal City, VA, October 1998.
Warrender, C., S. Forrest, and B. Pearimutter. Detecting Intrusions Using System Calls: Alternative Data Models. Proceedings of Twenty-Fifth IEEE Symposium on Security and Privacy, Oakland, CA, May 1999.
Wasserman, Joseph J. The Vanishing Trail. Bell Telephone Magazine 47, no. 4, July - August 1968: 12 - 15.
Wee, Christopher. LAFS: A Logging and Auditing File System. Proceedings of the Eleventh Computer Security Applications Conference, New Orleans, LA, December 1995.
_______. Policy-Directed Auditing and Logging. Ph.D. thesis, University of California, Davis, CA, April 1996.
Weiss, Winfried R. E. and A. Baur. Analysis of Audit and Protocol Data Using Methods from Artificial Intelligence. Proceedings of the Thirteenth National Computer Security Conference, Washington, DC, October 1990.
Wetmore, Brad. Audit Browsing. Master thesis, University of California, Davis, CA, 1993.
White, Greg, E. A. Fisch, and U. W. Pooch. Cooperating Security Managers: A Peer-Based Intrusion Detection System. IEEE Network 10, no. 1: 20 - 23, January - February 1996.
_______, and Udo Pooch. Cooperating Security Managers: Distributed Intrusion Detection Systems. Oxford, UK: Elsevier Science Publishers, Ltd, Computers and Security, v 15, no. 5: 441 - 450, September/October 1996.
Winkler, J. B.. A UNIX Prototype for Intrusion and Anomaly Detection in Secure Networks. Proceedings of the Thirteenth National Computer Security Conference, Washington, DC, October 1990.
_______ and W. J. Page. Intrusion and Anomaly Detection in Trusted Systems. Proceedings of the Fifth Annual Computer Security Applications Conference, Tucson, AZ, December 1989.
Wood, Mark. Intrusion Detection Exchange Format Requirements. Internet draft, Internet Engineering Task Force, June 1999.
Yip, Raymond and K. Levitt. Data Level Inference Detection in Database Systems. Proceedings of the Eleventh IEEE Computer Security Foundations Workshop, Rockport, MA, June 1998.
_______ and K. Levitt. The Design and Implementation of a Data Level Database Inference Detection System. Proceedings of the Twelfth Annual IFIP WG 11.3 Working Conference on Database Security, Chalkidiki, Greece, July 1998.
Yuill, Jim, S. F. Wu, F. Gong, and M-Y. Huang. Intrusion Detection for an Ongoing Attack. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Zamboni, Diego M. SMNT: A Security Analysis Integration Tool. Systems Administration, Networking and Security (SANS) Conference, Washington, DC, May 1996.
_______ and E. H. Spafford. New Directions for the AAFID Architecture. Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection, W. Lafayette, IN, September 1999.
Zerkle, Dan and K. Levitt. NetKuang - A Multi-Host Configuration Vulnerability Checker. Proceedings of the Sixth USENIX Security Symposium, San Jose, CA, July 1996.
Siguiente: Apéndice D - Normativa legal Arriba: Sistemas de Detección de Intrusiones Previo: Apéndice B - Glosario
Sistemas de
Detección de Intrusiones, versión 1.01. Julio,
2003.
Diego González Gómez