, Applying bag of system calls for anomalous behavior detection of applications in linux containers, 2015 IEEE Globecom Workshops, pp.1-5, 2015.
, Outlier Analysis, 2nd, 2016.
, A framework for clustering evolving data streams, Proceedings of the 29th International Conference on Very Large Data Bases, vol.29, pp.81-92, 2003.
, Akamai's state of the internet/Security Q3 2015 report, 2015.
, Detecting anomalies in iaas environments through virtual machine host system call analysis, 7th International Conference for Internet Technology and Secured Transactions, ICITST 2012, pp.211-218, 2012.
, A growing neural gas algorithm with applications in hand modelling and tracking, Advances in Computational Intelligence, pp.978-981, 2011.
, Provable data possession at untrusted stores, Proceedings of the 14th ACM Conference on Computer and Communications Security, ser. CCS '07, 2007.
DOI : 10.1145/1315245.1315318
URL : http://www.cs.berkeley.edu/~dawnsong/papers/p598-ateniese.pdf
, Controlled Virtual Resource Access to Mitigate Economic Denial of Sustainability (EDoS) Attacks against Cloud Infrastructures, International Conference on Cloud Computing and Big Data (CloudCom-Asia), vol.00, pp.346-353, 2013.
, Data Breach Investigations Report, 2009.
, Detecting coresidency with active traffic analysis techniques, CCSW '12, pp.1-12, 2012.
DOI : 10.1145/2381913.2381915
, Fast unfolding of communities in large networks, 2008.
URL : https://hal.archives-ouvertes.fr/hal-01146070
, Detecting insider threats using radish: a system for real-time anomaly detection in heterogeneous data streams, IEEE Systems Journal, vol.11, issue.2, pp.1932-8184, 2017.
, An adaptive algorithm for anomaly and novelty detection in evolving data streams, Data Mining and Knowledge Discovery, 2018.
, Generating test data for insider threat detectors, JoWUA, vol.5, issue.2, pp.80-94, 2014.
, Uc irvine machine learning repository, 2018.
, Entropy-based denial of service attack detection in cloud data center, 2014 Second International Conference on Advanced Cloud and Big Data, pp.201-207, 2014.
, Insider Threat Test Dataset, 2016.
, A study of threat detection systems andâ techniques in the cloud, pp.978-981, 2018.
URL : https://hal.archives-ouvertes.fr/hal-01745762
, A platform for security monitoring of multi-cloud applications, Perspectives of System Informatics, pp.978-981, 2018.
URL : https://hal.archives-ouvertes.fr/hal-01695148
, Multi-cloud applications security monitoring, Green, Pervasive, and Cloud Computing, pp.978-981, 2017.
URL : https://hal.archives-ouvertes.fr/hal-01583350
, Automatic derivation and validation of a cloud dataset for insider threat detection, ICSOFT 2017 : 12th International Conference on Software Technologies, pp.480-487, 2017.
URL : https://hal.archives-ouvertes.fr/hal-01583232
, Snort 2.0 Intrusion Detection, p.1931836744, 2003.
, Anomaly detection: a survey, ACM Comput. Surv, vol.41, issue.3, pp.1-15, 2009.
, An adaptive network intrusion detection approach for the cloud environment, 2015 International Carnahan Conference on Security Technology (ICCST), pp.1-6, 2015.
, Annual Cybersecurity Report, 2017.
, Insider threats to cloud computing: directions for new research challenges, 2012 IEEE 36th Annual Computer Software and Applications Conference, pp.387-394, 2012.
, The Treacherous 12-Cloud Computing Top Threats in 2016, 2016.
, Common sense guide to mitigating insider threats, 2016.
, An ontology for insider threat indicators: development and application, Proceedings of the Ninth Conference on Semantic Technology for Intelligence, Defense, and Security, pp.48-53, 2014.
, Generation of a new ids test dataset: time to retire the kdd collection, 2013 IEEE Wireless Communications and Networking Conference (WCNC), pp.4487-4492, 2013.
, Insider threat report, Crowd Research Partners, 2018.
, The Notorious Nine: Cloud Computing Top Threats in 2013, 2013.
, An overview of insider attacks in cloud computing, Concurrency and Computation: Practice and Experience, vol.27, pp.1532-0634, 2015.
, Insider threat detection using a graph-based approach, Journal of Applied Security Research, vol.6, issue.1, pp.32-81, 2010.
, Multi-domain information fusion for insider threat detection, 2013 IEEE Security and Privacy Workshops, pp.45-51, 2013.
, ENISA Threat Landscape, 2015.
, Agent_Zero:Toward Neurocognitive Foundations for Generative Social Science, 2014.
, Managing insider threat: A holistic approach to dealing with risk from within, Tech. Rep, 2016.
, Dynamic Provable Data Possession, ACM Transactions on Information and System Security (TISSEC), vol.17, issue.4, 2015.
, Understanding insiders: an analysis of risk-taking behavior, Information Systems Frontiers, vol.15, issue.1, pp.1572-9419, 2013.
, Security issues in cloud environments: a survey, Int. J. Inf. Secur, 2014.
, Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing, 2014.
, A growing neural gas network learns topologies, Proceedings of the 7th International Conference on Neural Information Processing Systems, ser. NIPS'94, Denver, pp.625-632, 1994.
, An incremental network for on-line unsupervised classification and topology learning, Neural Networks, vol.19, issue.1, pp.90-106, 2006.
, Graph based framework for malicious insider threat detection, 50th Hawaii International Conference on System Sciences, 2017.
, An empirical comparison of botnet detection methods, Computers and Security, vol.45, pp.100-123, 2014.
, Surveillance and human computer interaction applications of self-growing models, Soft Computing for Information System Security, vol.11, issue.7, pp.1568-4946, 2011.
, Detection of Insider Attacks in Cloud Based e-Healthcare Environment, 2014 International Conference on Information Technology (ICIT), pp.195-200, 2014.
, Supervised and unsupervised methods to detect insider threat from enterprise social and online activity data, JoWUA, vol.6, pp.47-63, 2015.
, A new growing neural gas for clustering data streams, Neural Netw, vol.78, issue.C, pp.36-50, 2016.
, Detection and prediction of insider threats to cyber security: a systematic literature review and meta-analysis, Big Data Analytics, vol.1, issue.1, p.6, 2016.
, A comparative evaluation of unsupervised anomaly detection algorithms for multivariate data, PLoS ONE, vol.11, issue.4, pp.1-31, 2016.
, Developing an ontology for individual and organizational sociotechnical indicators of insider threat risk, STIDS, 2016.
, A fingerprinting system calls approach for intrusion detection in a cloud environment, 2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN), pp.309-314, 2012.
, A cloud-based architecture for network attack signature learning, 2015 7th International Conference on New Technologies, Mobility and Security (NTMS), 2015.
, Community detection by label propagation with compression offlow, The European Physical Journal B, vol.89, issue.12, pp.1434-6036, 2016.
, An analysis of security issues for cloud computing, Journal of Internet Services and Applications, vol.4, issue.1, pp.1869-0238, 2013.
, Event Pattern Discovery on IDS Traces of Cloud Services, 2014 IEEE International Conference on Big Data and Cloud Computing (BdCloud), pp.25-32, 2014.
DOI : 10.1109/bdcloud.2014.92
, Anomaly detection and identification scheme for VM live migration in cloud infrastructure, Future Generation Computer Systems, vol.56, pp.736-745, 2016.
DOI : 10.1016/j.future.2015.06.005
, Mobile Agents with Cryptographic Traces For Intrusion Detection in the Cloud Computing, Procedia Computer Science, vol.73, 2015.
, An Enhanced Entropy Approach to Detect and Prevent DDoS in Cloud Environment, IJCNIS, vol.5, issue.2, 2013.
, Risk Management for Computer Security: Protecting Your Network & Information Assets, p.750677953, 2005.
, Security challenges in intrusion detection, 2015 International Conference on Cloud Technologies and Applications (CloudTech), pp.1-11, 2015.
, Prospect Theory: An Analysis of Decision under Risk, Econometrica, vol.47, issue.2, pp.263-291, 1979.
, An insider threat prediction model, Trust, Privacy and Security in Digital Business: 7th International Conference, pp.978-981, 2010.
DOI : 10.1007/978-3-642-15152-1_3
, The insider threat in cloud computing, Critical Information Infrastructure Security: 6th International Workshop, pp.93-103, 2011.
, Learning classifiers for misuse and anomaly detection using a bag of system calls representation, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, pp.118-125, 2005.
, CoBAn: A context based model for data leakage prevention, Information Sciences: an International Journal, vol.262, pp.137-158, 2014.
, A review on intrusion detection techniques for cloud computing and security challenges, 2015 2nd International Conference on Electronics and Communication Systems (ICECS), pp.227-232, 2015.
, CIDD: A Cloud Intrusion Detection Dataset for Cloud Computing and Masquerade Attacks, 2012 Ninth International Conference on Information Technology: New Generations (ITNG), pp.397-402, 2012.
, A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing, Future Generation Computer Systems, vol.28, issue.6, pp.833-851, 2012.
, Adam: A method for stochastic optimization, 2014.
, Self-Organizing Maps, 3rd, p.3540679219, 2001.
, Insider Threat Study: Illicit Cyber Activity in the Information Technology and Telecommunications Sector, 2008.
, Detection of Data Leakage in Cloud Computing Environment, 2014 International Conference on Computational Intelligence and Communication Networks (CICN), pp.803-807, 2014.
, Self-adaptive and dynamic clustering for online anomaly detection, Expert Systems with Applications, vol.38, issue.12, pp.14-891, 2011.
DOI : 10.1016/j.eswa.2011.05.058
, Automated insider threat detection system using user and role-based profile assessment, IEEE Systems Journal, vol.11, issue.2, pp.1932-8184, 2017.
, Towards a conceptual model and reasoning structure for insider threat detection, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, vol.4, 2013.
, Unsupervised anomaly detection in network intrusion detection using clusters, Proceedings of the Twenty-eighth Australasian Conference on Computer Science, vol.38, pp.333-342, 2005.
, VISO: Characterizing Malicious Behaviors of Virtual Machines with Unsupervised Clustering, 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom), 2015.
, Darpa intrusion detection evaluation, 2017.
, Detecting and preventing cyber insider threats: a survey, IEEE Communications Surveys Tutorials, vol.20, issue.2, pp.1397-1417, 2018.
, Malware detection in the cloud under Ensemble Empirical Mode Decomposition, 2015 International Conference on Computing, Networking and Communications (ICNC), pp.82-88, 2015.
, Assessing the impact of intra-cloud live migration on anomaly detection, 2014 IEEE 3rd International Conference on Cloud Networking (CloudNet), 2014.
, A "neural gas" network learns topologies, Proceedings of the International Conference on Artificial Neural Networks, pp.397-402, 1991.
, SP 800-145. The NIST Definition of Cloud Computing, Tech. Rep, 2011.
, A novel hybrid-network intrusion detection system (H-NIDS) in cloud computing, 2013 IEEE Symposium on Computational Intelligence in Cyber Security (CICS), pp.23-30, 2013.
, A survey of intrusion detection techniques in Cloud, JNCA, vol.36, issue.1, pp.42-57, 2013.
, MongoDB, 2018.
, A preliminary model of insider theft of intellectual property, JoWUA, vol.2, issue.1, pp.28-49, 2011.
, Insider threat event detection in user-system interactions, Proceedings of the 2017 International Workshop on Managing Insider Security Threats, ser. MIST '17, pp.1-12, 2017.
, Machine Learning: A Probabilistic Perspective, ser. Adaptive computation and machine learning, p.9780262018029, 2012.
, , 2017.
, Modularity and community structure in networks, Proceedings of the National Academy of Sciences, vol.103, issue.23, pp.8577-8582, 2006.
, Insider threat detection model for the cloud, 2013 Information Security for South Africa, pp.1-8, 2013.
, ISO/IEC 27005: Information technology-Security techniquesInformation security risk management. ISO, 2008.
, Understanding insider threat: a framework for characterising attacks, Proceedings of the 2014 IEEE Security and Privacy Workshops, ser. SPW '14, pp.214-228, 2014.
, OpenStack software, 2018.
, Openstack Server Statuses description, 2018.
, Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework, Journal of Network and Computer Applications, 2016.
, Anomaly Detection System in Cloud Environment Using Fuzzy Clustering Based ANN, Mobile Netw Appl, pp.1-12, 2015.
, Fighting Computer Crime: A New Framework for Protecting Information, pp.0-471, 1998.
, Insider threat detection using stream mining and graph mining, 2011 IEEE Third International Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third International Conference on Social Computing, pp.1102-1110, 2011.
DOI : 10.1109/passat/socialcom.2011.211
URL : http://www.utdallas.edu/~kxh060100/parveen-passat11.pdf
, An intrusion detection and prevention system in cloud computing: A systematic review, Journal of Network and Computer Applications, vol.36, issue.1, pp.25-41, 2013.
, Review: a review of novelty detection, Signal Process, vol.99, pp.165-1684, 2014.
, Intrusion detection with unlabeled data using clustering, Proceedings of ACM CSS Workshop on Data Mining Applied to Security, pp.5-8, 2001.
, Rabbitmq, 2018.
, A new take on detecting insider threats: exploring the use of hidden markov models, Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threats, ser. MIST '16, pp.47-56, 2016.
,
, A theory of Pavlovian conditioning: variations on the effectiveness of reinforcement and non-reinforcement, Classical conditioning II: Current research and theory, pp.64-99, 1972.
, Security Analysis in the Migration to Cloud Environments, Future Internet, vol.4, issue.4, pp.469-487, 2012.
, Silhouettes: a graphical aid to the interpretation and validation of cluster analysis, Journal of Computational and Applied Mathematics, vol.20, pp.90125-90132, 1987.
, Assessing insider threats to information security using technical, behavioural and organisational measures, Inf. Secur. Tech. Rep, vol.15, issue.3, pp.1363-4127, 2010.
, Modeling user search behavior for masquerade detection, Proceedings of the 14th International Conference on Recent Advances in Intrusion Detection, ser. RAID'11, pp.978-981, 2011.
DOI : 10.1007/978-3-642-23644-0_10
URL : http://ids.cs.columbia.edu/sites/default/files/RAID_2011_0.pdf
, A framework for understanding and predicting insider attacks, Comput. Secur, vol.21, issue.6, p.1009, 2002.
, Web-scale k-means clustering, Proceedings of the 19th International Conference on World Wide Web, ser. WWW '10, pp.978-979, 2010.
DOI : 10.1145/1772690.1772862
, Detecting insider threats in a real corporate database of computer usage activity, Proceedings of the 19th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, ser. KDD '13, pp.1393-1401, 2013.
, C2DF: High Rate DDOS filtering method in Cloud Computing, International Journal of Computer Network and Information Security, vol.6, issue.9, pp.43-50, 2014.
, A Detection Algorithm for DoS Attack in the Cloud Environment, COMPUTE, pp.107-110, 2015.
, The role of behavioral research and profiling in malicious cyber insider investigations, Digit. Investig, vol.3, issue.1, pp.1742-2876, 2006.
, Toward developing a systematic approach to generate benchmark datasets for intrusion detection, Computers & Security, 2012.
, Anomaly detection in the cloud using data density, 2016 IEEE 9th International Conference on Cloud Computing, pp.616-623, 2016.
, A comparison study on similarity and dissimilarity measures in clustering continuous data, PLOS ONE, vol.10, issue.12, pp.1-20, 2015.
, An agent-based approach to modeling insider threat, Computational and Mathematical Organization Theory, vol.22, issue.3, pp.1572-9346, 2016.
,
, System level user behavior biometrics using fisher features and gaussian mixture models, 2013 IEEE Security and Privacy Workshops, pp.52-59, 2013.
, Selecting and interpreting measures of thematic classification accuracy, Remote Sensing of Environment, vol.62, issue.1, pp.83-90, 1997.
, Online growing neural gas for anomaly detection in changing surveillance scenes, Pattern Recognition, vol.64, pp.31-3203, 2017.
, Deep learning for unsupervised insider threat detection in structured cybersecurity data streams, CoRR, 2016.
, Australian Defense Force Academy, 2017.
, Locking the sky: a survey on IaaS cloud security, Computing, vol.91, issue.1, 2011.
, Process profiling using frequencies of system calls, Proceedings of the The Second International Conference on Availability, Reliability and Security, pp.473-479, 2007.
, Taxonomy and Survey of Collaborative Intrusion Detection, CSUR, vol.47, issue.4, pp.55-88, 2015.
, Using gng to improve 3d feature extraction-application to 6dof egomotion, vol.32, pp.138-184, 2012.
, VirtualBox software, 2018.
, Malware Detection in Cloud Computing Infrastructures, TDSC, vol.13, issue.2, pp.192-205, 2016.
, Events-based security monitoring using mmt tool, 2012 IEEE Fifth International Conference on Software Testing, Verification and Validation, pp.860-863, 2012.
, 2018 verizon data breach investigations report, Tech. Rep, 2018.
, Evaluating host-based anomaly detection systems: a preliminary analysis of adfa-ld, 2013 6th International Congress on Image and Signal Processing, vol.03, pp.1711-1716, 2013.
, A brief survey on sequence classification, SIGKDD Explor. Newsl, vol.12, issue.1, pp.1931-0145, 2010.
, Anomaly secure detection methods by analyzing dynamic characteristics of the network traffic in cloud communications, Information Sciences, vol.258, pp.403-415, 2014.
, Mitigating insider threat in cloud relational databases, 2016.
, Beehive: large-scale log analysis for detecting suspicious activity in enterprise networks, Proceedings of the 29th Annual Computer Security Applications Conference, ser. ACSAC '13, pp.199-208, 2013.
, Use of domain knowledge to detect insider threats in computer activities, 2013 IEEE Security and Privacy Workshops, pp.60-67, 2013.
, Detecting unknown insider threat scenarios, 2014 IEEE Security and Privacy Workshops, pp.277-288, 2014.
, An approach with two-stage mode to detect cache-based side channel attacks, 2013 International Conference on Information Networking (ICOIN), pp.186-191, 2013.
, A cloud computing based architecture for cyber security situation awareness, 2013 IEEE Conference on Communications and Network Security (CNS), pp.488-492, 2013.
, A multi-criteria analysis of intrusion detection architectures in cloud environments, 2015 International Conference on Cloud Technologies and Applications (CloudTech), pp.1-9, 2015.
, Data streaming with affinity propagation, Machine Learning and Knowledge Discovery in Databases, pp.978-981, 2008.
URL : https://hal.archives-ouvertes.fr/inria-00289679