Bibliography

. Aan-+-07a-]-e, I. Alata, V. Alberdi, P. Nicomette et al., Mécanisme d'observation d'attaques sur internet avec rebonds, Symposium sur la Sécurité des Technologies de l'Information et des Communications (SSTIC'07) Adresse Internet : actes.sstic.org/SSTIC07/Observation_Attaques_Internet_Rebond, pp.53-67, 2007.

. Aan-+-07b-]-i, E. Alberdi, V. Alata, P. Nicomette, M. Owezarski et al., Shark : Spy Honeypot with Advanced Redirection Kit, Attack Detection and Mitigation (MonAM'07), pp.47-52, 2007.

Y. J. Arlat, J. Crouzet, P. Karlsson, E. Folkesson, and G. H. Fuchs, Comparison of physical and software-implemented fault injection techniques, [Adl90] L.M. Adleman : An Abstract Theory of Computer Viruses, pp.1115-1133, 2003.
DOI : 10.1109/TC.2003.1228509

A. I. Alberdi, J. Gabès, E. Le-jamtel, A. Avizienis, J. C. Laprie et al., UberLogger : un observatoire niveau noyau pour la lutte informatique défensive Adresse Internet : actes.sstic.org/SSTIC05/UbberLogger. [AH07] X. Allamigeon et C. Hymans : Analyse statique par interprétation abstraite Adresse Internet : actes.sstic.org/SSTIC07/Heap_Overflow_Analyse_Statique Basic concepts and taxonomy of dependable and secure computing, Symposium sur la Sécurité des Technologies de l'Information et des Communications (SSTIC'05) Symposium sur la Sécurité des Technologies de l'Information et des Communications (SSTIC'07), pp.3-540, 1990.

V. Alata, M. Nicomette, M. Kaâniche, M. Dacier, and . Herrb, Lessons learned from the deployment of a high-interaction honeypot, 2006 Sixth European Dependable Computing Conference, pp.39-44, 2006.
DOI : 10.1109/EDCC.2006.17

URL : https://hal.archives-ouvertes.fr/hal-00140355

[Ban07] D. Bancal, Un pirate informatique annonce avoir piégé un bookmaker britannique Adresse Internet : www.zataz.com/alerte-phishing/14295/casino-bookmarker-argent.html, [Bar64] P. Baran : On distributed communications networks, p.12, 1964.

M. Bailey, E. Cooke, D. Watson, and F. Jahanian, Provos : A Hybrid Honeypot Architecture for Scalable Network Monitoring. Rapport technique CSE-TR-499-04, 2004.

[Bel92] S. Bellovin : There be dragons, Proceedings of the Third Usenix UNIX Security Symposium, pp.1-6, 1992.

[Ber03] S. Berinato, How a Bookmaker and a Whiz Kid Took On an Extortionist - and Won. CSO Adresse Internet : www.csoonline.com/read/050105/extortion.html Struyf : A robust measure of skewness, Journal of Computational & Graphical Statistics, vol.13, pp.996-1017, 2003.

[Bil97] J. Bilmes, A Gentle Tutorial on the EM Algorithm and its Application to Parameter Estimation for Gaussian Mixture and Hidden Markov Models, 1997.

P. Baecher, M. Koetter, T. Holz, M. Dornseif, and F. Freiling, The Nepenthes Platform: An Efficient Approach to Collect Malware, 9th International Symposium On Recent Advances In Intrusion Detection (RAID'06), Lecture Notes in Computer Science 4219, pp.165-184, 2006.
DOI : 10.1007/11856214_9

S. [. Berners-lee, B. Brocklehurst, T. Littlewood, E. Olovsson, and . Jonsson, Information management : A proposal. www.w3.org/ History On measurement of Operational Security. Aerospace and Electronic Systems Magazine, pp.7-16, 1989.

D. /. and F. Tr, Adresse Internet : www, pp.7-8, 2007.

A. [. Budiarto, C. W. Samsudin, S. Heong, and . Noori, Honeypots: why we need a dynamics honeypots?, Proceedings. 2004 International Conference on Information and Communication Technologies: From Theory to Applications, 2004., p.565, 2004.
DOI : 10.1109/ICTTA.2004.1307887

URL : http://eprints.usm.my/6865/1/Honey_Why_we_need_a_dynamics_honeypots.pdf

[Cab07] A. Cabezon, Un pirate britannique arrêté Adresse Internet : www.vulnerabilite.com/pirate-mckinnon-actualite-20050608165503, J.C. Foster et J. Faircloth : Snort, vol.2, issue.0, 2007.

. [. Cuppens, Cuppens : Les modèles de sécurité, chapitre Sécurité des systèmes d'information, (Traité IC2) sous la direction de Yves Deswarte et Ludovic Mé, pp.13-48, 2006.

[. Iso, Common Criteria for Information Technology Security Evaluation, Part1 : Introduction and General Model Norme ISO/IEC 15408 The official website of the common criteria project, Adresse Internet : www.commoncriteriaportal.org. [CERa] CERT : Linux kernel do_brk() function contains integer overflow, 1999.

[CERb] CERT : Linux kernel mremap(2) system call does not properly check return value from do_munmap() function, Adresse Internet : www.kb.cert.org/vuls/id/981222. [CER07] CERT Coordination Center : CERT/CC statistics, 1988.

[Cla01] K. Claffy : Caida : Visualizing the internet, IEEE Internet Computing, vol.5, issue.1, p.88, 2001.

. [. Cuppens, Miège : Alert correlation in a cooperative intrusion detection framework, Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp.202-215, 2002.

[Coh87] F. Cohen, Computer Viruses : Theory and Experiments, Computers & Security, vol.6, issue.1, pp.22-35, 1987.

[Col97] M. Collins, The EM algorithm Adresse Internet : people.csail.mit.edu/mcollins/papers/wpeII.4.ps. [Cor04] J. Corey : Local Honeypot Identification, 1997.

J. [. Chen and . Robert, The evolution of viruses and worms. Dans Statistical Methods in Computer Security, 2004.

Y. [. Csallner and . Smaragdakis, JCrasher: an automatic robustness tester for Java, Software: Practice and Experience, vol.34, issue.11, pp.1025-1050, 2004.
DOI : 10.1002/spe.602

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.135.5357

[. Csec, The Canadian Trusted Computer Product Evaluation Criteria. Version 3.0e, Canadian System Security Center, 1993.

[Dac94] M. Dacier, Vers une évaluation quantitative de la sécurité informatique

L. [. Deswarte and J. C. Blain, Fabre : Intrusion Tolerance in Distributed Computing Systems, Proceedings of the 1991 IEEE Symposium on Security and Privacy, pp.110-121, 1991.

Y. [. Dacier and . Deswarte, Privilege graph: An extension to the typed access matrix model, Proceedings of the Third European Symposium on Research in Computer Security (ESORICS'94), pp.319-334, 1994.
DOI : 10.1007/3-540-58618-0_72

M. [. Debar, A. Dacier, and . Wespi, Reference Audit Information Generation for Intrusion Detection Systems, Information Systems Security, Proceedings of the 14th International Information Security Conference (IFIP SEC'98), pp.405-417, 1998.

[Del02] F. Dellaert, The Expectation Maximization Algorithm Rapport technique GIT-GVU-02-20, College of Computing, Georgia Institute of Technology, 2002.

T. [. Dornseif, C. Holz, and . Klein, NoSEBrEaK - attacking honeynets. Information Assurance Workshop, Proceedings from the Fifth Annual IEEE SMC, pp.123-129, 2004.

[Dik06] J. Dike, User Mode Linux, pp.0-13, 2006.

W. [. Dressler, R. Jaegers, and . German, Flow-based Worm Detection using Correlated Honeypot Logs, pp.181-186, 2007.

M. [. Dacier and Y. Kaâniche, Deswarte : A framework for security assessment of insecure systems, Predictably Dependable Computing Systems (PDCS2), 1993.

N. [. Dempster, D. Laird, and . Rubin, Maximum likelihood from incomplete data via the EM algorithm, Journal of the Royal Statistical Society num. Series B, vol.39, pp.1-38, 1977.

D. Duncombe, G. Mohay, and A. Clark, Synapse : auto-correlation and dynamic attack redirection in an immunologically-inspired ids, Proceedings of the 2006 Australasian workshops on Grid computing and e-research (ACSW Frontiers'06), pp.135-144, 2006.

M. Dacier, L. Mé, Y. Deswarteds90, ]. D. Farmer, and E. H. , Sécurité des systèmes d'information (Traité IC2, série Réseaux et télécoms), chapitre Détection d'intrusions : état de l'art, faiblesses et problèmes ouverts Deswarte et D. Powell : Internet security : An intrusion-tolerance approach Spafford : The COPS security checker system, Proceedings of the IEEE [DSH] DShield, Cooperative Network Security Community, pp.432-441, 1990.

]. V. Glr-+-03, V. Gupta, H. Lam, W. Ramasamy, S. Sanders et al., Dependability and Performance Evaluation of Intrusion-Tolerant Server Architectures Laboratory ; Global Security Analysis Lab. [Gru69] F. Grubbs : Procedures for detecting outlying observations in samples, Dependable Computing : Proceedings of the First Latin-American Symposium (LADC'2003) Linux-VServer. Adresse Internet : linux-vserver.org. [HA04] V. Hodge et J. Austin : A Survey of Outlier Detection Methodologies, pp.81-101, 1969.

M. Norwell, U. E. Haugh, and M. Bishop, Testing C programs for buffer overflow vulnerabilities, Proceedings of the Network and Distributed System Security Symposium (NDSS'03), pp.85-126, 2003.

M. Hervieux and T. Meurisse, Adresse Internet : actes.sstic.org/SSTIC03/Honeypots_UML. [Hon03] Honeynet Project : Know Your Enemy : Learning with VMware, Building Virtual Honeynets using VMware Adresse Internet : www.honeynet.org : Les mondes de la cyber-délinquance et images sociales du pirate informatique. Rencontre SPIRAL 2006-09-26 - S'il te plaît... dessine moi un pirate informatique, Symposium sur la Sécurité des Technologies de l'Information et des Communications Adresse Internet : www.cases.public.lu, pp.2006-2015, 2003.

[. Systems-consortium and I. , Organisme public d'aide à la mise en oeuvre d'un " Internet universel auto-organisé, Adresse Internet : www.isc.org. [ITS91] CCE, Critères d'évaluation de la sécurité des Systèmes informatiques. Commission des Communautés Européenne, 1991.

[Jac07] P. Jackson, Les cyberpirates prennent l'Estonie à l'abordage. Courrier International - Bbc News Online, 2007.

[. Mitt, The Japanese Computer Security Evaluation Criteria - Functionality Requirements. Draft V1.0. Ministry of International Trade and Industry, 1992.

S. [. Jajodia, B. O. Noel, and . Berry, Topological analysis of network attack vulnerability. Dans Managing Cyber Threats : Issues, Approaches and Challenges, 2003.

[Kle61] L. Kleinrock, Information Flow in Large Communication Nets, Thèse de doctorat, Massachusetts Institute of Technology, 1961.

[Kor] K. Kortchinsky, Multiple patch for VMware Adresse Internet : honeynet.rstack.org/tools/vmpatch

T. [. Lee and . Anderson, Fault Tolerance : Principles and Practice, p.387820779, 1990.

[Lab03] D. Labbé, Corneille Dans L'Ombre de Molière ? Histoire d'une découverte, Les Impressions Nouvelles, pp.2-906131, 2003.

[Lau02] A. Laudicina : Nessus - a powerful, free remote security scanner Sys Admin : The Journal for UNIX Systems Administrators, pp.24-28, 2002.

D. [. Larochelle and . Evans, Statically detecting likely buffer overflow vulnerabilities, Proceedings of the 10th conference on USENIX Security Symposium (SSYM'01), pp.14-14, 2001.

R. Lippmann, J. W. Haines, D. J. Fried, J. Korba, and K. Das, Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation, Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection (RAID'00), pp.162-182, 2000.
DOI : 10.1007/3-540-39945-3_11

[. Internet, Site d'information concernant Internet

D. [. Labbé and . Labbé, Inter-Textual Distance and Authorship Attribution Corneille and Molière, Journal of Quantitative Linguistics, vol.8, issue.3, pp.213-231, 2001.
DOI : 10.1076/jqul.8.3.213.4100

K. [. Leita, M. Mermoud, and . Dacier, ScriptGen: an automated script generation tool for honeyd, 21st Annual Computer Security Applications Conference (ACSAC'05), pp.203-214, 2005.
DOI : 10.1109/CSAC.2005.49

J. [. Lye and . Wing, Game strategies in network security, International Journal of Information Security, vol.4, issue.1-2, pp.71-86, 2005.
DOI : 10.1007/s10207-004-0060-x

[. Maftia, Malicious and Accidental-Fault Tolerance in Internet Applications : conceptual model and architecture, 1999.

[Mch00] J. McHugh, The 1998 Lincoln Laboratory IDS Evaluation, Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection, pp.145-161, 2000.

. Misra-], The Motor Industry Software Reliability Association : The misra Home Page

C. [. Mé and . Michel, Intrusion detection : A bibliography, 2001.

. Mmm-+-01-]-l, Z. Mé, C. Marrakchi, H. Michel, and . Debar, Cuppens : La détection d'intrusions : les outils doivent coopérer. La Revue de l'Electricité et de l'Electronique, num, pp.50-55, 2001.

D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford et al., The spread of the sapphire/slammer worm Adresse Internet : www.caida.org Code-red : a case study on the spread and victims of an internet worm, Proceedings of the Internet Measurement Workshop (IMW), 2002.

]. D. Msb-+-06, C. Moore, D. J. Shannon, G. M. Brown, S. Voelker et al., Inferring internet denial-of-service activity, ACM Trans. Comput. Syst, vol.24, issue.2, pp.115-139, 2006.

C. [. Moore, G. M. Shannon, S. Voelker, and . Savage, Cooperative Association for Internet Data Analysis -CAIDA, 2004.

S. [. Maurer and . Wolf, Diffie-Hellman, decision Diffie-Hellman, and discrete logarithms, Proceedings. 1998 IEEE International Symposium on Information Theory (Cat. No.98CH36252), p.327, 1998.
DOI : 10.1109/ISIT.1998.708932

W. [. Nicol, K. S. Sanders, and . Trivedi, Model-based evaluation: from dependability to security, IEEE Transactions on Dependable and Secure Computing, vol.1, issue.1, pp.48-65, 2004.
DOI : 10.1109/TDSC.2004.11

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.75.6951

Y. [. Ortalo, M. Deswarte, and . Kaaniche, Experimenting with quantitative evaluation tools for monitoring operational security, IEEE Transactions on Software Engineering, vol.25, issue.5, pp.633-650, 1999.
DOI : 10.1109/32.815323

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.44.3072

[Ove07] M. Overton, The journey, so far : Trends, graphs and statistics, Proceedings of the Virus Bulletin 2007 Conference, 2007.

M. [. Pouget, H. Dacier, and . Debar, White paper : honeypot, honeynet, honeytoken : terminological issues. Rapport technique EURECOM+1275, 2003.

M. [. Pouget and V. H. Dacier, Pham : Leurre.com : on the advantages of deploying a large scale distributed honeypot platform, Crime and Computer Conference (ECCE'05), 2005.

S. [. Paxson and . Floyd, Wide-area traffic : the failure of poisson modeling, Proceedings of the conference on Communications architectures, protocols and applications (SIGCOMM'94), pp.257-268, 1994.

T. [. Provos and . Holz, Virtual Honeypots : From Botnet Tracking to Intrusion Detection, 2007.

[Pir07] L. Piriou, Téléphonie mobile : un pirate démasqué. www.infos-du-net.com/actualite/10987-Mobiles-virus.html [Pla05] V. Planchon : Traitement des valeurs aberrantes : concepts actuels et tendances générales. Biotechnologie, agronomie, société et environnement [Pou06] F. Pouget : Distributed system of honeypot sensors : discrimination and correlative analysis of attack processes [pro] Caida project : Caida analysis of code-red, Thèse de doctorat, Institut Eurécom, pp.19-34, 2005.

. Pzc-+-96-]-n, K. Puketza, M. Zhang, B. Chung, R. Mukherjee et al., A Methodology for Testing Intrusion Detection Systems, IEEE Transactions on Software Engineering, vol.22, issue.10, pp.719-729, 1996.

R. Team, A Language and Environment for Statistical Computing. R Foundation for Statistical Computing isbn : 3-900051-07-0, Adresse Internet : www.R-project.org, [RBC07] D. Ramsbrock, R. Berthier et M. Cukier : Profiling Attacker Behavior Following SSH Compromises. Dans International Conference on Dependable Systems and Networks (DSN'07), pp.119-124, 2007.

M. Rajad, Z. Jay, F. Monrose, and A. , Terzis : A multifaceted approach to understanding the botnet phenomenon [rp05] ripe et pluf : Advanced Antiforensics : Self, Internet Measurement Conference Adresse Internet : www.schneier.com/paper-attacktrees-ddj-ft.html. [SCK04] D.P. Siewiorek, R. Chillarege et Z. Kalbarczyk : Reflections on Industry Trends and Experimental Research in Dependability, pp.41-52, 1999.

. Shj-+-02-]-o, J. Sheyner, S. Haines, R. Jha, J. M. Lippmann et al., Automated Generation and Analysis of Attack Graphs Knapskog : A Game-Theoretic Approach to Stochastic Security and Dependability Evaluation Presedo Quindimil : Bootstrap based goodness-of-fit-tests [Sno02] Snort : The open source network intrusion detection system Adresse Internet : www.snort.org, 2002. [SPE] Specter Intrusion Detection System Adresse Internet : www.specter.com. [Spi02] L. Spitzner : Honeypots : Tracking Hackers isbn : 0321108957. [Spi03a] L. Spitzner : The honeynet project : Trapping the hackers [Spi03b] L. Spitzner : Honeytokens : The Other Honeypot [ste01] stealth : It cuts like a knife - SSHarp Timing analysis of keystrokes and timing attacks on SSH, Proceedings of the 2002 IEEE Symposium on Security and Privacy Proceedings of the 2nd IEEE International Symposium on Dependable, Automatic and Secure Computing (DASC'06) Adresse Internet : www.securityfocus.com/infocus/1713. [SPW02] S. Staniford, V. Paxson et N. Weaver : How to Own the Internet in Your Spare Time. Dans Proceedings of the 11th USENIX Security Symposium Adresse Internet : www.phrack.org. [Sto88] C. Stoll : Stalking the wily hacker Proceedings of the 10th conference on USENIX Security Symposium (SSYM'01) Adresse Internet : www.fas.org/irp/nsa/rainbow/std001.htm. [Tec92] National Institute of Standards and Technology : Federal Criteria for Information Technology Security. Draft, Volume I et II, National Institute of Standards and Technology (NIST) and National Security Agency (NSA), pp.273-284, 1985.

V. Valdes, M. Almgren, S. Cheung, Y. Deswarte, B. Dutertre et al., The Xen virtual machine monitor Adresse Internet : www.cl.cam.ac Kernel Based Virtual Machine Adresse Internet : kvm.qumranet.com/kvmwiki. [URLb] Linux Virtualization Wiki Adresse Internet : virt.kernelnewbies.org An architecture for an adaptive intrusion tolerant server, Proceedings of the 10th International Workshop on Security Protocols Vanderviere et M. Hubert : An adjusted boxplot for skewed distributions. Dans Proceedings of the 16th Symposium of IASC (COMPSTAT'04), pp.1933-1940, 2004.

V. P. Inc, N. F. Verissimo, C. Neves, J. Cachin, D. Poritz et al., Intrusion-Tolerant Middleware : The Road to Automatic Security, [Wil91] R. Williams : An extremely fast ziv-lempel data compression algorithm. Dans Data Compression Conference, pp.54-62, 1991.

D. Wang, B. B. Madan, and K. S. Trivedi, Security analysis of SITAR intrusion tolerance system, Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems in association with 10th ACM Conference on Computer and Communications Security, SSRS '03, pp.23-32, 2003.
DOI : 10.1145/1036921.1036924

H. Waeselynck and P. Thévenod-fosse, Collapsar : a VM-based architecture for network attack detention center : Honeypot-aware advanced botnet construction and maintenance, Case Study in Statistical Testing of Reusable Concurrent Objects. Dans Proceedings of the Third European Dependable Computing Conference on Dependable Computing Proceedings of the 13th conference on USENIX Security Symposium International Conference on Dependable Systems and Networks (DSN'06) [ZGT02] C. Zou, W. Gong et D. Towsley : Code Red Worm Propagation Modeling and Analysis. Dans Proceedings of the 9th ACM Conference on Computer and Communications Security, pp.401-418, 1999.

W. [. Zou, D. Gong, L. Towsley, and . Gao, The monitoring and early detection of Internet worms, IEEE/ACM Transactions on Networking, vol.13, issue.5, pp.961-974, 2005.
DOI : 10.1109/TNET.2005.857113