1 |
Ning P and Cui Y (2002), "An intrusion alert correlator based on prerequisites of intrusions," TR-2002-01
|
2 |
O.Dain and R.Cunninghan, "Building scenarios from a heterogeneous alert stream," IEEE Workshop on Information Assurance and Security, 2001.
|
3 |
Munsun Shin, Eunhui Kim, Hosung Mun, Keunho Ryu and Kiyoung Kim, "Data mining based alarm data analysis implementation," KCC : database 31(1), 2004.2.
|
4 |
F. Xiao, S. Jin and X. Li, "A novel data mining-based method for alert reduction and analysis," Journal of Network, vol. 5, no. 1, 2010, pp. 88-97.
|
5 |
S. Noel and S. Jajodia, "Correlating intrusion events and building attack scenarios through attack graph distance," In Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC'04), 2004.
|
6 |
C. Abad, Y. Li, K. Lakkaraju, X. Yin, and W. Yurcik. "Correlation between netFlow system and network views for intrusion detection in workshop on link analysis," Counter-terrorism, and Privacy held in conjunction with the SIAM International Conference on Data Mining, 2004.
|
7 |
Suhyung Lee, Hyochan Bang, Byunghwan Jang and Jungchan Na, "Security event processing for effective analysis," Electronics and Telecommunications Trends, 22(1), 2007.2.
|
8 |
A. Rao and S. Zang, "HBase-0.20.0 performance evaluation, "http://cloudepr.blogspot.com/2009_08_01_archive.html
|
9 |
Rishi Sinha, et.al, "Internet packet size distributions: some observations," Technical Report ISI-TR-2007-643, USC/Information Sciences Institute, May, 2007
|
10 |
Elshoush, H. Tagelsir, and I. M. Osmank, "Alert correlation in collaborative intelligent intrusion detection systems - A survey," Applied Soft Computing In Press, 2011.
|
11 |
K. Julisch, "Mining alarm clusters to improve alarm handling efficiency," Proceedings of the 17th Annual Conference on Computer Security Applications, 2001.
|
12 |
S. Cheung, U. Lindqvist, and M.W. Fong, "Modeling multistep cyber attacks for scenario recognition," DARPA Information Survivability Conference and Exposition, pp.284-292, 2003.
|
13 |
H. Debar, and A. Wespi, "Aggregation and correlation of intrusion detection alerts," Proceedings of the International Symposium on Recent Advances in Intrusion Detection, pp.85-103, 2001.
|
14 |
B. Morin, L. Me, H. Debar, and M. Ducasse, "M2D2: A formal data model for IDS alert correlation," Proc. Recent Advances in Intrusion Detection, pp.115-137, 2002
|
15 |
P. Ning, Y. Cui, and D. Reeves, "Analyzing intensive intrusion alerts via correlation," Proceedings of the International Symposium on the Recent Advances in Intrusion Detection, pp. 74-94. 2002.
|
16 |
P. Ning, Y. Cui, and D.S. Reeves, "Constructing attack scenarios through correlation of intrusion alerts," Proc. ACM Conf. Computer and Comm. Security, pp. 245-254, 2002.
|
17 |
F. Cuppens, "Managing alerts in a multi- intrusion detection environment," 17th Annual Computer Security Applications Conference, 2001.
|
18 |
X. Qin, and W. Le, "Statistical causality of infosec alert data," Proceedings of Recent Advances in Intrusion Detection, 2003.
|
19 |
W.L. Xinzhou Qin, "Statistical causality analysis of infosec alert data," Lecture Notes in Computer Science, 2003.
|
20 |
A.Valdes and K. Skinner, "Probabilistic alert correlation," RAID 2001.
|