. Snort and . Snort, , 2014.

W. Lee, S. J. Stolfo, and K. W. Mok, A data mining framework for building intrusion detection models, IEEE S&P, pp.120-132, 1999.

S. Venkataraman, D. Brumley, S. Sen, and O. Spatscheck, Automatically inferring the evolution of malicious activity on the internet, NDSS, 2013.

S. Forrest, S. A. Hofmeyr, A. Somayaji, and T. A. Longstaff, A sense of self for unix processes, IEEE S&P, pp.120-128, 1996.

W. Wang, X. Guan, X. Zhang, and L. Yang, Profiling program behavior for anomaly intrusion detection based on the transition and frequency property of computer audit data, Computers & Security, vol.25, issue.7, pp.539-550, 2006.

D. Arp, M. Spreitzenbarth, M. Hubner, H. Gascon, and K. Rieck, Drebin: Efficient and explainable detection of android malware in your pocket, NDSS, 2014.

X. Wei, L. Gomez, I. Neamtiu, and M. Faloutsos, Profiledroid: multilayer profiling of android applications, MOBICOM, pp.137-148, 2012.

G. F. Cretu, A. Stavrou, M. E. Locasto, S. J. Stolfo, and A. D. Keromytis, Casting out demons: Sanitizing training data for anomaly sensors, IEEE S&P, pp.81-95, 2008.

C. Gates and C. Taylor, Challenging the anomaly detection paradigm: a provocative discussion, NSPW, pp.21-29, 2006.

T. Lane and C. E. Brodley, Approaches to online learning and concept drift for user identification in computer security, KDD, pp.259-263, 1998.

. Kdd-data, Kdd cup 1999 data (retrieved febuary 2014), 1999.

I. Rish, M. Brodie, S. Ma, N. Odintsova, A. Beygelzimer et al., Adaptive diagnosis in distributed systems, IEEE Transactions on Neural Networks, vol.16, issue.5, pp.1088-1109, 2005.

. Ibm, Autonomic computing (retrieved febuary, 2014.

J. Brendan, D. Frey, and . Dueck, Clustering by passing messages between data points, Science, vol.315, issue.5814, pp.972-976, 2007.

X. Zhang, C. Furtlehner, and M. Sebag, Data streaming with affinity propagation, ECML/PKDD, 2008.
URL : https://hal.archives-ouvertes.fr/inria-00289679

S. E. Smaha, Haystack: An intrusion detection system, Proceedings of the IEEE Fourth Aerospace Computer Security Applications Conference, 1988.

M. Schonlau and M. Theus, Detecting masquerades in intrusion detection based on unpopular commands, Inf. Process. Lett, vol.76, issue.1-2, pp.33-38, 2000.

X. Guan, W. Wang, and X. Zhang, Fast intrusion detection based on a non-negative matrix factorization model, J. Network and f Applications, vol.32, issue.1, pp.31-44, 2009.

W. Wang, X. Guan, and X. Zhang, Processing of massive audit data streams for real-time anomaly intrusion detection, Computer Communications, vol.31, issue.1, pp.58-72, 2008.

K. Wang and S. J. Stolfo, Anomalous payload-based network intrusion detection, RAID, pp.203-222, 2004.

. Xu-sheng-gan, J. Jing-shun-duanmu, W. Fu-wang, and . Cong, Anomaly intrusion detection based on pls feature extraction and core vector machine, Knowl.-Based Syst, vol.40, pp.1-6, 2013.

C. Krügel and G. Vigna, Anomaly detection of web-based attacks, ACM CCS, pp.251-261, 2003.

L. Kenneth, H. Ingham, and . Inoue, Comparing anomaly detection techniques for http, RAID, pp.42-62, 2007.

Y. Song, A. D. Keromytis, and S. J. Stolfo, Spectrogram: A mixtureof-markov-chains model for anomaly detection in web traffic, NDSS, 2009.

D. Ariu, R. Tronci, and G. Giacinto, Hmmpayl: An intrusion detection system based on hidden markov models, Computers & Security, vol.30, issue.4, pp.221-241, 2011.

S. Lee and J. Kim, Warningbird: Detecting suspicious urls in twitter stream, NDSS, 2012.

A. Razzaq, K. Latif, H. Ahmad, A. Hur, Z. Anwar et al., Semantic security against web application attacks, Information Sciences, vol.254, issue.1, pp.19-38, 2014.

G. Chan, C. Lee, and S. Heng, Policy-enhanced anfis model to counter soap-related attacks, Knowl.-Based Syst, vol.35, pp.64-76, 2012.

G. Chan, C. Lee, and S. Heng, Discovering fuzzy association rule patterns and increasing sensitivity analysis of xml-related attacks, J. Network and Computer Applications, vol.36, issue.2, pp.829-842, 2013.

S. Suriadi, D. Stebila, A. J. Clark, and H. Liu, Defending web services against denial of service attacks using client puzzles, ICWS, pp.25-32, 2011.

S. Sangeetha, S. Haripriya, S. G. Mohana-priya, V. Vaidehi, and N. Srinivasan, Fuzzy rule-base based intrusion detection system on application layer, CNSA, pp.27-36, 2010.

E. Eskin, A. Arnold, M. Prerau, L. Portnoy, and S. Stolfo, A geometric framework for unsupervised anomaly detection: Detecting intrusions in unlabeled data. Applications of Data Mining in Computer Security, 2002.

L. Portnoy, E. Eskin, and S. Stolfo, Intrusion detection with unlabeled data using clustering, 2001.

K. Leung and C. Leckie, Unsupervised anomaly detection in network intrusion detection using clusters, Proc. 28th Australasian CS Conf., volume, vol.38, pp.333-342, 2005.

G. F. Cretu, A. Stavrou, M. E. Locasto, and S. J. Stolfo, Adaptive anomaly detection via self-calibration and dynamic updating, RAID, pp.41-60, 2009.

M. Rehák, E. Staab, M. Volker-fusenig, M. Pechoucek, J. Grill et al., Runtime monitoring and dynamic reconfiguration for intrusion detection systems, RAID, pp.61-80, 2009.

A. Murad, A. Rassama, M. Zainala, and . Maarofaand, Adaptive and online data anomaly detection for wireless sensor systems. Knowledge-Based Systems, available online first, 2014.

Z. Yu, J. P. Jeffrey, T. J. Tsai, and . Weigert, An adaptive automatically tuning intrusion detection system, ACM Trans. Autonomous and Adaptive Systems, vol.3, issue.3, 2008.

F. Maggi, W. K. Robertson, C. Krügel, and G. Vigna, Protecting a moving target: Addressing web application concept drift, RAID, pp.21-40, 2009.

W. K. Robertson, F. Maggi, C. Kruegel, and G. Vigna, Effective anomaly detection with scarce training data, NDSS, 2010.

W. Wang, F. Masseglia, T. Guyet, R. Quiniou, and M. Cordier, A general framework for adaptive and online detection of web attacks, WWW, pp.1141-1142, 2009.
URL : https://hal.archives-ouvertes.fr/inria-00461391

X. Zhang, C. Furtlehner, C. Germain-renaud, and M. Sebag, Data stream clustering with affinity propagation, IEEE Transactions on Knowledge and Data Engineering, 2014.
URL : https://hal.archives-ouvertes.fr/hal-00862941

J. Gama, Knowledge Discovery from Data Streams, 2010.

. Ed, C. Charu, C. K. Aggarwal, and . Reddy, Data Clustering: Algorithms and Applications, 2013.

A. Levy and M. Lindenbaum, Sequential karhunen-loeve basis extraction and its application to images, IEEE Transactions on Image Processing, vol.9, pp.1371-1374, 2000.

Y. Liao and V. Vemuri, Using text categorization techniques for intrusion detection, USENIX Security Symposium, pp.51-59, 2002.

W. Wang, X. Zhang, and S. Gombault, Constructing attribute weights from computer audit data for effective intrusion detection, J. Sys. and Soft, vol.82, issue.12, pp.1974-1981, 2009.

B. Schölkopf, J. C. Platt, J. Shawe-taylor, A. J. Smola, and R. C. Williamson, Estimating the support of a high-dimensional distribution, Neural Computation, vol.13, issue.7, pp.1443-1471, 2001.

I. T. Jolliffe, Principal Component Analysis, 2002.

R. O. Duda, P. E. Hart, and D. G. Stork, , 2004.

W. K. Robertson, G. Vigna, C. Krügel, and R. A. Kemmerer, Using generalization and characterization techniques in the anomaly-based detection of web attacks, NDSS, 2006.

C. Chang and C. Lin, LIBSVM: A library for support vector machines, ACM Transactions on Intelligent Systems and Technology, vol.2, pp.1-27, 2011.

X. Zhang, C. Furtlehner, J. Perez, C. Germain-renaud, and M. Sebag, Toward autonomic grids: analyzing the job flow with affinity streaming, KDD, pp.987-996, 2009.
URL : https://hal.archives-ouvertes.fr/inria-00393825

J. Mchugh, Testing intrusion detection systems: a critique of the 1998 and 1999 darpa intrusion detection system evaluations as performed by lincoln laboratory, ACM Trans. Inf. Syst. Secur, vol.3, issue.4, pp.262-294, 2000.

W. Wang, X. Zhang, S. Gombault, and S. J. Knapskog, Attribute normalization in network intrusion detection, ISPAN, pp.448-453, 2009.
URL : https://hal.archives-ouvertes.fr/hal-00725642