Constructing attack scenarios through correlation of intrusion alerts
暂无分享,去创建一个
[1] Yun Cui,et al. A Toolkit for Intrusion Alerts Correlation based on Prerequisites and Consequences of Attacks , 2002 .
[2] Eugene H. Spafford,et al. A PATTERN MATCHING MODEL FOR MISUSE INTRUSION DETECTION , 1994 .
[3] Robert K. Cunningham,et al. Fusing A Heterogeneous Alert Stream Into Scenarios , 2002, Applications of Data Mining in Computer Security.
[4] Somesh Jha,et al. Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[5] Alfonso Valdes,et al. A Mission-Impact-Based Approach to INFOSEC Alarm Correlation , 2002, RAID.
[6] Giovanni Vigna,et al. NetSTAT: A Network-based Intrusion Detection System , 1999, J. Comput. Secur..
[7] Karl N. Levitt,et al. GrIDS A Graph-Based Intrusion Detection System for Large Networks , 1996 .
[8] Marc Dacier,et al. Intrusion detection , 1999, Comput. Networks.
[9] Frédéric Cuppens,et al. Alert correlation in a cooperative intrusion detection framework , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[10] Paul Ammann,et al. Using model checking to analyze network vulnerabilities , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.
[11] Sushil Jajodia,et al. Abstraction-based misuse detection: high-level specifications and adaptable strategies , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).
[12] Steven J. Templeton,et al. A requires/provides model for computer attacks , 2001, NSPW '00.
[13] David Harle,et al. Pattern discovery and specification techniques for alarm correlation , 1998, NOMS 98 1998 IEEE Network Operations and Management Symposium.
[14] Harold S. Javitz,et al. The NIDES Statistical Component Description and Justification , 1994 .
[15] Peng Ning,et al. Analyzing Intensive Intrusion Alerts via Correlation , 2002, RAID.
[16] Alfonso Valdes,et al. Probabilistic Alert Correlation , 2001, Recent Advances in Intrusion Detection.
[17] Klaus Julisch,et al. Mining alarm clusters to improve alarm handling efficiency , 2001, Seventeenth Annual Computer Security Applications Conference.
[18] Stuart Staniford-Chen,et al. Practical Automated Detection of Stealthy Portscans , 2002, J. Comput. Secur..
[19] Peng Ning,et al. An Intrusion Alert Correlator Based on Prerequisites of Intrusions , 2002 .
[20] Peng Ning,et al. Adapting Query Optimization Techniques for Efficient Intrusion Alert Correlation , 2002 .
[21] Sandeep Kumar,et al. Classification and detection of computer intrusions , 1996 .
[22] Livio Ricciulli,et al. Modeling Correlated Alarms in Network Management Systems , 1996 .
[23] Frédéric Cuppens,et al. Managing alerts in a multi-intrusion detection environment , 2001, Seventeenth Annual Computer Security Applications Conference.
[24] Stefanos Manganaris,et al. A Data Mining Analysis of RTID Alarms , 2000, Recent Advances in Intrusion Detection.
[25] Sushil Jajodia,et al. Abstraction-based intrusion detection in distributed environments , 2001, TSEC.
[26] Hervé Debar,et al. M2D2: A Formal Data Model for IDS Alert Correlation , 2002, RAID.
[27] Hervé Debar,et al. Aggregation and Correlation of Intrusion-Detection Alerts , 2001, Recent Advances in Intrusion Detection.
[28] Richard A. Kemmerer,et al. State Transition Analysis: A Rule-Based Intrusion Detection Approach , 1995, IEEE Trans. Software Eng..
[29] Giovanni Vigna,et al. STATL: An Attack Language for State-Based Intrusion Detection , 2002, J. Comput. Secur..
[30] Todd L. Heberlein,et al. Network intrusion detection , 1994, IEEE Network.
[31] Somesh Jha,et al. Two formal analyses of attack graphs , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.
[32] Boris Gruschke,et al. INTEGRATED EVENT MANAGEMENT: EVENT CORRELATION USING DEPENDENCY GRAPHS , 1998 .
[33] Frédéric Cuppens,et al. LAMBDA: A Language to Model a Database for Detection of Attacks , 2000, Recent Advances in Intrusion Detection.