Implementation of Analyzer of the Alert Data using Data Mining
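Moon Sun Shin
(Department of Computer Science, Chungbuk National University)
Eun Hee Kim (Computer Science, Chungbuk National University), Ho Sung Moon (가림정보기), Keun Ho Ryu (Electrical, Electronics and Computer Engineering, Chungbuk National University), Ki Young Kim (Network Security Research Division, Electronics and Telecommunications Research Institute)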