, Inmon corporation's sflow : A method for monitoring traffic in switched and routed networks, 2001.
, Requirements for ip flow information export (ipfix), 2004.
, L'état d'internet, 2017.
, Worldwide DDoS Attacks & Cyber Insights Research Report, 2017.
, Snort : Lightweight Intrusion Detection for Networks, LISA '99 : 13th Systems Administration Conference, pp.229-238, 1999.
, Bro : a system for detecting network intruders in real-time, Comput. Netw, vol.31, issue.23-24, pp.2435-2463, 1999.
, Syntax vs. semantics : competing approaches to dynamic network intrusion detection, International Journal of Security and Networks, vol.3, issue.1, pp.24-35, 2008.
, Protocol anomaly detection and verification, Assur. Work. 2004. Proc. from, pp.10-11, 2004.
, Specification-based Anomaly Detection : A New Approach for Detecting Network Intrusions, CCS '02 : Proceedings of the 9th ACM Conference on Computer and communications security, pp.265-274, 2002.
, Intrusion Detection using Artificial Neural Network, Second International conference on Computing, Communication and Networking Technologies, pp.1-7, 2010.
, Outlier Detection Using Replicator Neural Networks, Data Warehousing and Knowledge Discovery, pp.170-180, 2002.
, Intrusion Detection Method Based on Wavelet Neural Network, 2009 Second International Workshop on Knowledge Discovery and Data Mining, pp.851-854, 2009.
, Training a Neural-Network Based Intrusion Detector to Recognize Novel Attacks, IEEE Transactions on Systems, Man, and Cybernetics, vol.31, issue.4, pp.294-299, 2001.
, A research using hybrid RBF/Elman neural networks for intrusion detection system secure model, Computer Physics Communications, vol.180, issue.10, pp.1795-1801, 2009.
, Network Anomaly Detection with Stochastically Improved Autoencoder Based Models, 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud), pp.193-198, 2017.
, Support-Vector Networks, Machine Learning, vol.20, pp.273-297, 1995.
, Theoretical Foundations of the Potential Function Method in Pattern Recognition Learning, Automation and Remote Control, vol.25, pp.821-837, 1964.
, Using an Ensemble of One-Class SVM Classifiers to Harden Payload-based Anomaly Detection Systems, Sixth International Conference on Data Mining (ICDM'06), pp.488-498, 2006.
, McPAD : A Multiple Classifier System for Accurate Payload-based Anomaly Detection, Computer Networks, vol.53, issue.6, pp.864-881, 2009.
, A new intrusion detection system using support vector machines and hierarchical clustering, The VLDB Journal, vol.16, issue.4, pp.507-521, 2006.
, Adam, ACM SIGMOD Record, vol.30, issue.4, p.15, 2001.
, Learning Rules for Anomaly Detection of Hostile Network Traffic, International Conference on Data Mining (ICDM), pp.601-604, 2003.
, A real-time network intrusion detection system for large-scale attacks based on an incremental mining approach, Computers & Security, vol.28, issue.5, pp.301-309, 2009.
, Distributed denial of service attack detection using an ensemble of neural classifier, Computer Communications, vol.34, issue.11, pp.1328-1341, 2011.
, Ensemble-learning Approaches for Network Security and Anomaly Detection, Proceedings of the Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, pp.1-6, 2017.
, An Efficient Local Region and ClusteringBased Ensemble System for Intrusion Detection, Proceedings of the 15th Symposium on International Database Engineering & Applications-IDEAS '11, p.185, 2011.
URL : https://hal.archives-ouvertes.fr/hal-00631503
, Modified Mutual Information-based Feature Selection for Intrusion Detection Systems in Decision Tree Learning, Journal of Computers, vol.9, issue.7, pp.1542-1546, 2014.
, Anomaly Intrusion Detection Method Based on Rough Set Theory, Electronics Letters, vol.38, issue.13, pp.663-664, 2002.
, Intrusion Detection using Continuous Time Bayesian Networks, Journal of Artificial Intelligence Research, vol.39, pp.745-774, 2010.
, MAWILab : Combining Diverse Anomaly Detectors for Automated Anomaly Labeling and Performance Benchmarking, Proceedings of the 6th International Conference on Emerging Networking Experiments and Technologies, 2010.
URL : https://hal.archives-ouvertes.fr/ensl-00552071
, Lbnl dataset
, A Nonparametric Adaptive Cusum Method And Its Application In Network Anomaly Detection, International Journal of Advancements in Computing Technology, vol.4, issue.1, pp.280-288, 2012.
, Combining Filtering and Statistical Methods for Anomaly Detection, Proceedings of the 5th ACM SIGCOMM Conference on Internet Measurement, vol.5, pp.331-334, 2005.
URL : https://hal.archives-ouvertes.fr/hal-01489028
, Mining Anomalies Using Traffic Feature Distributions, ACM SIGCOMM Computer Communication Review, vol.35, issue.4, p.217, 2005.
, Detection and Identification of Network Anomalies Using Sketch Subspaces, Proceedings of the 6th ACM SIGCOMM conference on Internet measurement, pp.147-152, 2006.
, Predictive Network Anomaly Detection and Visualization, IEEE Transactions on Information Forensics and Security, vol.5, issue.2, pp.288-299, 2010.
, Accurate network anomaly classification with generalized entropy metrics, Computer Networks, vol.55, issue.15, pp.3485-3502, 2011.
, Entropy-based Network Anomaly Detection, 2017 International Conference on Computing, Networking and Communications (ICNC), pp.334-340, 2017.
, Unsupervised Network Intrusion Detection Systems : Detecting the Unknown without Knowledge, Computer Communications, vol.35, issue.7, pp.772-783, 2012.
URL : https://hal.archives-ouvertes.fr/hal-00736278
, PHAD : Packet Header Anomaly Detection for Identifying Hostile Network Traffic, 2001.
, Service Specific Anomaly Detection for Network Intrusion Detection, Proceedings of the 2002 ACM symposium on, pp.201-208, 2002.
, Object recognition supported by user interaction for service robots, vol.4, pp.385-388, 2002.
, Next-generation Intrusion Detection Expert System (NIDES) : A summary, 1995.
, Detecting Unusual Program Behavior Using the Stastistical Component of the Next-generation Intrusion Detection Expert System (NIDES), Computer Science Laboratory SRI-CSL, issue.910097, pp.6-95, 1995.
, EMERALD : Event Monitoring Enabling Responses to Anomalous Live Disturbances, Proc. 20th NIST-{NCSC} National Information Systems Security Conference, pp.353-365, 1997.
, A Novel Anomaly Detection System using Feature-based MSPCA with Sketch, 2017 26th Wireless and Optical Communication Conference (WOCC), pp.1-6, 2017.
, A hierarchical intrusion detection model based on the PCA neural networks, Neurocomputing, vol.70, issue.7-9, pp.1561-1568, 2007.
, HMMPayl : An intrusion detection system based on Hidden Markov Models, Computers & Security, vol.30, issue.4, pp.221-241, 2011.
, Network Anomaly Detection Based on Wavelet Analysis, EURASIP Journal on Advances in Signal Processing, issue.1, p.837601, 2009.
, Outlier Detection Using k-Nearest Neighbour Graph, Proceedings of the 17th International Conference on Pattern Recognition (ICPR'04), vol.3, pp.430-433, 2004.
, KDD Cup 1999 Data, pp.2018-2019
, LOF : Identifying DensityBased Local Outliers, Proceedings of the 2000 ACM Sigmod International Conference on Management of Data, pp.1-12, 2000.
, Incremental Local Outlier Detection for Data Streams, 2007 IEEE Symposium on Computational Intelligence and Data Mining, pp.504-515, 2007.
, MINDS-Minnesota Intrusion Detection System, pp.199-218, 2004.
, Data Mining for Cyber Security, Data Warehousing and Data Mining Techniques for Computer Security, pp.1-20, 2006.
, Fast Mining of Distance-Based Outliers in High-Dimensional Datasets, Data Mining and Knowledge Discovery, vol.16, issue.3, pp.349-364, 2008.
, Algorithms for Mining Distance-Based Outliers in Large Datasets, 24th International Conference on Very Large Data Bases, pp.392-403, 1998.
, Mining Distance-Based Outliers in Near Linear Time with Randomization and a Simple Pruning Rule, Proceedings of the Ninth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp.29-38, 2003.
, Multidimensional Binary Search Trees Used for Associative Searching, Communications of the ACM, vol.18, issue.9, pp.509-517, 1975.
, R-trees : A Dynamic Index Structure for Spatial Searching, Proceedings of the 1984 ACM SIGMOD International Conference on Management of Data, pp.47-57, 1984.
, The X-tree : An Index Structure for High-Dimensional Data, Proceedings of the 22th International Conference on Very Large Data Bases, pp.28-39, 1996.
, Survey on Incremental Approaches for Network Anomaly Detection, International Journal of Communication Networks and Information Security, vol.3, issue.3, pp.226-239, 2011.
, K-Means+ID3 : A Novel Method for Supervised Anomaly Detection by Cascading K-Means Clustering and ID3 Decision Tree Learning Methods, IEEE Transactions on Knowledge and Data Engineering, vol.19, issue.3, pp.345-354, 2007.
, A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise, Second International Conference on Knowledge Discovery and Data Mining, pp.226-231, 1996.
, Online and Scalable Unsupervised Network Anomaly Detection Method, vol.14, pp.34-47, 2017.
URL : https://hal.archives-ouvertes.fr/hal-01406273
, Unsupervised Network Anomaly Detection Based on Abnormality Weights and Subspace Clustering, Sixth International Conference on Information Science and Technology, pp.482-486, 2016.
, Intrusion Detection with Unlabeled Data Using Clustering, Proceedings of ACM CSS Workshop on Data Mining Applied to Security (DMSA'2001), pp.1-14, 2001.
, A clustering-based method for unsupervised intrusion detections, Pattern Recognition Letters, vol.27, issue.7, pp.802-810, 2006.
, Unsupervised Anomaly Detection in Network Intrusion Detection Using Clusters, Proceedings of the Twenty-eighth Australasian Conference on Computer Science, vol.38, pp.333-342, 2005.
, Scalable Parallel Subspace Clustering Algorithm for Massive Data Sets, Proceedings 2000 International Conference on Parallel Processing, pp.477-484, 2000.
, Automatic Subspace Clustering of High Dimensional Data for Data Mining Applications, ACM SIGMOD Record, vol.27, issue.2, pp.94-105, 1998.
, Mining Frequent Patterns without Candidate Generation, ACM SIGMOD Record, vol.29, issue.2, pp.1-12, 2000.
, Anomaly Detection on Intrusion Detection System Using CLIQUE Partitioning, 2014 2nd International Conference on Information and Communication Technology (ICoICT), pp.7-12, 2014.
, An Effective Unsupervised Network Anomaly Detection Method, Proceedings of the International Conference on Advances in Computing, Communications and Informatics, p.533, 2012.
, Mutual information-based feature selection for intrusion detection systems, Journal of Network and Computer Applications, vol.34, issue.4, pp.1184-1199, 2011.
, A multi-step outlier-based anomaly detection approach to network-wide traffic, Information Sciences, vol.348, pp.243-271, 2016.
, NSOM : A Real-Time Network-Based Intrusion Detection System Using Self-Organizing Maps, Networks and Security, 2002.
, RT-UNNID : A practical solution to real-time network-based intrusion detection using unsupervised neural networks, Computers and Security, vol.25, issue.6, pp.459-468, 2006.
, Machine Learning Approach for IP-Flow Record Anomaly Detection, pp.28-39, 2011.
URL : https://hal.archives-ouvertes.fr/inria-00613602
, Fast Distributed Outlier Detection in Mixed-Attribute Data Sets, Data Mining and Knowledge Discovery, vol.12, issue.2-3, pp.203-228, 2006.
, Toward a more practical unsupervised anomaly detection system, Information Sciences, vol.231, pp.4-14, 2013.
, Network anomaly detection using IP flows with Principal Component Analysis and Ant Colony Optimization, Journal of Network and Computer Applications, vol.64, pp.1-11, 2016.
, Detecting Network Anomalies Using CUSUM and EM Clustering, Proceedings of the 4th International Symposium on Advances in Computation and Intelligence, pp.297-308, 2009.
, Random-Forests-Based Network Intrusion Detection Systems, IEEE Transactions on Systems, Man, and Cybernetics, vol.38, issue.5, pp.649-659, 2008.
, A Hybrid Network Intrusion Detection Technique Using Random Forests, First International Conference on Availability, Reliability and Security (ARES'06), pp.262-269, 2006.
, Discovering Outlier Filtering Rules from Unlabeled Data, Proceedings of the Seventh ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp.389-394, 2001.
, Cisco systems netflow services export version 9, 2004.
, Density-Based Clustering for Real-Time Stream Data, Proceedings of the 13th ACM SIGKDD international conference on Knowledge discovery and data mining, pp.133-142, 2007.
, A Survey on Unsupervised Outlier Detection in High-Dimensional Numerical Data, Wiley Periodicals, vol.4, issue.5, pp.363-387, 2012.
, Toward developing a systematic approach to generate benchmark datasets for intrusion detection, Computers & Security, vol.31, issue.3, pp.357-374, 2011.
, Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization, Proceedings of the 4th International Conference on Information Systems Security and Privacy, vol.1, pp.108-116, 2018.
, Ontic, pp.2017-2022
, Performance Analysis of Wireless Intrusion Detection Systems, Internet and Distributed Computing Systems : 5th International Conference, IDCS 2012, pp.238-252, 2012.
, DPDKCap, pp.2018-2020
, Fastnetmon
, Tcpreplay
, Adaptive Sampling for Network Management, Journal of Network and Systems Management, vol.9, issue.4, pp.409-434, 2001.
, Adaptive packet sampling for accurate and scalable flow measurement, Global Telecommunications Conference, 2004. GLOBECOM '04. IEEE, vol.3, pp.1448-1452, 2004.
, Per flow packet sampling for high-speed network monitoring, 1st International Conference on Communication Systems and Networks and Workshops, 2009.