A Design of false alarm analysis framework of intrusion detection system by using incremental mining method
|
|
Kim Eun-Hee
(충북대학교 전자계산학과)
Ryu Keun-Ho (충북대학교 전기전자컴퓨터공학부) |
| 1 | Debar, H., Wespi, A, 'Aggregation and correlation of intrusion-detection alerts,' Recent Advances in Intrusion Detection, pp.85-103, Oct., 2001 |
| 2 | F. Cuppens, Miege, A, 'Alert correlation in a cooperative intrusion detection framework,' IEEE Symposium on Security and Privacy, pp.202-215, May., 2002 DOI |
| 3 | J. Han, Y. Cai, and N. Cercone, 'Data driven discovery of quantitative rules in relational databases,' IEEE Transactions on Knowledge and Data Engineering, pp.29-40, 1993 DOI ScienceOn |
| 4 | Snort. Open-source Network Intrusion Detection System. http://www .snort.org |
| 5 | Templeton, S., Levit, K, 'A requires/provides model for computer attacks,' New Security Paradigms Workshop, pp.31-38, 2000 DOI |
| 6 | K. Julisch. 'Dealing with False Positives in Intrusion Detection,' In 3nd Workshop on Recent Advances in Intrusion Detection, 2000 |
| 7 | Moon Sun Shin, Eun Hee Kim, Keun Ho Ryu, 'False Alarm Classification Model for Network Based Intrusion Detection System,' Intelligent Data Engineering and Automated Learning, pp.259 - 265, May., 2004 |
| 8 | 신문선, 김은희, 문호성, 류근호, 김기영, '데이터 마이닝 기법을 이용한 경보데이터 분석기 구현', 정보과학회논문지, 제31권, 1호, 2004 과학기술학회마을 |
| 9 | A. Valdes, 'Probabilistic Alert Correlation,' Recent Advances in Intrusion Detection, pp.54-68, 2001 |
| 10 | Moon Sun Shin, Eun Hee Kim, Keun Ho Ryu, Ki Young Kim. 'Data Mining Methods for Alert Correlation Analysis,' IJCIS, 2003 |
| 11 | B. Morin, L. Me, H. Debar, and M. Ducasse. 'M2D2: A formal data model for IDS alert correlation,' International Symposium on Recent Advances in Intrusion Detection, pp.115-137, 2002 |
| 12 | F. Provost and T. Fawcett, 'Robust Classification for Imprecise Environments,' Machine Learning, vol. 42/3, pp.203-231, 2001 DOI |
| 13 | S. Staniford, J.A. Hoagland, and J.M. McAlemey. 'Practical Automated Detection of Stealthy Portscans,' ACM Computer and Communications Security IDS Workshop, pp.105-136, 2000 |
| 14 | P. A. Porras, M. W. Fong, and A. Valdes. 'A mission impact based approach to INFOSEC alarm correlation,' Recent Advances in Intrusion Detection, pp.95-114, Oct., 2002 |
| 15 | W. Lee. 'A Data Mining Framework for Constructing Features and Models for Intrusion Detection System,' PhD thesis, Computer Science Department, Columbia University, NY, 1999 |
| 16 | S. Manganaris et al. ' Data Mining Analysis of RTID Alarms,' Recent Advances in Intrusion Detection, pp.7-9, Sep., 1999 |
| 17 | R. Heady, G. Luger, A. Maccabe, and M. Servilla, 'The Architecture of a Network Level Intrusion Detection System,' Technical report, Computer Science Department, University of New Mexico, Aug., 1990 |
| 18 | K Julisch. 'Mining alarm clusters to improve alarm handling efficiency,' Annual Computer Security Applications Conference, pp.12-21, Dec., 2001 |
| 19 | P. Ning, Y. Cui, and D. S Reeves. 'Constructing attack scenarios through correlation of intrusion alerts,' ACM Conference on Computer and Communications Security, pp.245-254, Nov., 2002 DOI |
| 20 | F. Cuppens, R. Ortalo, 'LAMBDA: A language to model a database for detection of attacks,' Recent Advances in Intrusion Detection, pp.197-216, Oct., 2000 |
| 21 | M. Joshi, R. Agarwal, V. Kumar, PNrule, 'Mining Needles in a Haystack Classifying Rare Classes via Two-Phase Rule Induction,' ACM SIGMOD Conference on Management of Data, pp.91 -102, May., 2001 |
| 22 | D, O, Cunningham, R, 'Fusing a heterogeneous alert stream into scenarios,' ACM Workshop on Data Mining for Security Applications, pp.1 -13, Nov., 2001 |
 |
Korea Institute of Science and Technology Information
Gwahangno, Yuseong-gu, Daejeon, 305-806, Korea TEL : +82-42-869-1752
Copyright (c) 2009 KISTI. All Rights Reserved. For more information mail to
webmaster
