References
- Ning, P., 'Techniques and Tools for Analyzing Intrusion Alerts,' ACM Transactions on Information and System Security, Vol.7 No.2, pp 274-318, 2004
- Moh, W., Kim, M., Cheong, I., Noh, B., Seo, J., Park, E. and Park, C., 'An Analysis on the Correlation of Network-based Alerts with Association Rule Algorithm,' WISA 2004, pp.705-712, 2004
- Debar, H. and Wespi, A., 'Aggregation and Correlation of Intrusion-Detection Alerts,' RAID 2001, Oct., 2001
- Porras, P. and Neumann, P., 'EMERALD : Event Monitoring Enabling Responses To Anomalous Live Disturbances,' Proc. of the 20th National Information Systems Security Conference, pp 1-13, 1997
- Valdes, A. and Skinner, K., 'An Approach to Sensor Correlation,' RAID 2000, Oct 2000
- Valdes, A. and Skinner, K., 'Probabilistic Alert Correlation,' RAID 2001, Oct., 2001
- Beale, J., Foster, J., Posluns, J. and Caswell, B., Snort 2.0 Intrusion Detection, SynGress, 2003