| [1] Wikipedia. Domain name syestem[EB/OL]. America: Wikimedia Foundation. Inc.[2014-03-20]. http://en.wikipedia.org/wiki/Domain_Name_System.[2] Casalicchio E, Favino I N. Reference architecture, models and metrics[M/OL]. Roma: Global Cyber Security Center, (2011-07-22)[2013-10-20]. http://www.gcsec.org/sites/default/files/doc/D2%20Reference-Architecture-Models-and-Metrics.pdf.[3] Antonakakis M, Perdisci R, Lee W,et al. Detecting malware domains at the upper dns hierarchy[C]//The 20th USENIX Security Symposium. USENIX Security'11. Berkeley: USENIX, 2011: 27-27.[4] Mikle O, Slay K. Detecting hidden anomalies in DNS communication[C]//Casalicchio E. DNS EASY-2011. Americka: Global Cyber Security Center, 2011: 93-103.[5] Casalicchio E, Fovino I N. The 3rd global stability, security and resiliency symposium final report[R]. Roma: Global Cyber Security Center, 2011.[6] ICANN. Measuring the health of the domain name system, report of the 2nd annual symposium on DNS security, stability, & resiliency[R]. Kyoto: ICANN, 2010.[7] Mockapetris P. RFC1035-domain names-implementation and specification[EB/OL]. America: Network Working Group, 1987-11, http://www.ietf.org/rfc/rfc1035.txt.[8] Wikipedia. Mahalanobis distance[EB/OL]. America: Wikimedia Foundation Inc.[2014-03-22]. http://en.wikipedia.org/wiki/Mahalanobis_distance.[9] Mahalanobis, Chandra P. On the generalised distance in statistics[C]//Knight P. Proceedings of the National Institute of Sciences of India. India: National Institute of Sciences of India, 1936: 49-55. |
