An Implementation of ESM with the Security Correlation Alert for Distributed Network Environment |
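한근희 (Konkuk University, Graduate School of Information and Communication)
전상훈 (SK infosec, full-time consultant)
김일곤 (Korea University, Department of Computer Science)
최진영 (Korea University, Department of Computer Science) |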
1 | M. Botha, R. V. Solms, K. Perry, E. Loubser and G. Yamoyany, 'The Utilization of Artificial Intelligence in a Hybrid Intrusion Detection System,' Proceedings of SAICSIT 2002, pp. 149-155, 2002 |
2 | P. Ning, 'Abstraction-Based Intrusion Detection In Distributed Environments,' ACM Transactions on Information and System Security, Vol.4, No.4, pp. 407-452, 2001 |
3 | T. Bass, 'Intrusion Detection Systems And Multisensor Data Fusion,' Communications of the ACM, Vol.43, No.4, pp. 99-105, 2001 |
4 | D. Frincke, 'Balancing Cooperation and Risk in Intrusion Detection,' ACM Transactions on Information and System Security, Vol.3, No.1, pp. 1-29, 2001 |
5 | NetForensics Article, http://www.netforensics.com. 2003 |
6 | P. Ning, Y. Cui, D. S. Reeves, 'Construction Attack Scenarios through Correlation of Intrusion Alerts,' ACM1-58113-612-9, pp. 245-254, 2002 |
7 | D. Curry, Intrusion Detection Message Exchange Format Extensible Markup Language(XML) Document Type Definition, http://www.ietf.org/ids.by.wg/idwg.html, 2003 |
8 | P. Loshin, Information Security Magazine article for Meta-IDS, http://www.infosecuritymag.com/articles/june01/columns_standards_watch.shtml, 2001 |
9 | IDMEF XML Library (libidmef) Version 0.6.1 API 2002, Silicon Defense. http://www.silicondefense.com/idwg/libidmef/API, 2002 |