Cyber situational awareness through network anomaly detection: state of the art and new approaches

Ivo Friedberg, Florian Skopik, Roman Fiedler
Digital Safety & Security Department, AIT Austrian Institute of Technology, Vienna, Austria

Abstract

Keywords

