Attack scenario reconstruction using intrusion semantics
[1] Wan Li, et al. An ontology-based intrusion alerts correlation system, 2010, Expert Syst. Appl.
[2] José M. Fernandez, et al. ONTIDS: A Highly Flexible Context-Aware and Ontology-Based Alert Correlation Framework, 2013, FPS.
[3] Richard Lippmann, et al. The 1999 DARPA off-line intrusion detection evaluation, 2000, Comput. Networks.
[4] Issa Traoré, et al. Semantic aware attack scenarios reconstruction, 2013, J. Inf. Secur. Appl.
[5] Wan Li, et al. XSWRL, an Extended Semantic Web Rule Language and prototype implementation, 2011, Expert Syst. Appl.
[6] Sean Bechhofer, et al. The OWL API: A Java API for Working with OWL 2 Ontologies, 2009, OWLED.
[7] Frédéric Cuppens, et al. LAMBDA: A Language to Model a Database for Detection of Attacks, 2000, Recent Advances in Intrusion Detection.
[8] Ulf Lindqvist, et al. Modeling multistep cyber attacks for scenario recognition, 2003, Proceedings DARPA Information Survivability Conference and Exposition.
[9] Hervé Debar, et al. An ontology-driven approach to model SIEM information and operations using the SWRL formalism, 2012, Int. J. Electron. Secur. Digit. Forensics.
[10] Hervé Debar, et al. A logic-based model to support alert correlation in intrusion detection, 2009, Inf. Fusion.
[11] Steffen Staab, et al. Measuring Similarity between Ontologies, 2002, EKAW.
[12] Jiawei Han, et al. gSpan: graph-based substructure pattern mining, 2002, 2002 IEEE International Conference on Data Mining, 2002. Proceedings.
[13] Hongli Zhang, et al. IDS alerts correlation using grammar-based approach, 2009, Journal in Computer Virology.
[14] Muttukrishnan Rajarajan, et al. Intrusion alert prioritisation and attack detection using post-correlation analysis, 2015, Comput. Secur.
[15] Ali A. Ghorbani, et al. Alert Correlation for Extracting Attack Strategies, 2006, Int. J. Netw. Secur.
[16] Ali A. Ghorbani, et al. An Online Adaptive Approach to Alert Correlation, 2010, DIMVA.
[17] Jennifer Widom, et al. SimRank: a measure of structural-context similarity, 2002, KDD.
[18] A. Goldberg. The nature of generalization in language, 2009.
[19] Frédéric Cuppens, et al. Alert correlation in a cooperative intrusion detection framework, 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[20] Ali A. Ghorbani, et al. An incremental frequent structure mining framework for real-time alert correlation, 2009, Comput. Secur.
[21] Peng Ning, et al. Constructing attack scenarios through correlation of intrusion alerts, 2002, CCS '02.
[22] Hans-Peter Kriegel, et al. A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise, 1996, KDD.
[23] D. West. Introduction to Graph Theory, 1995.
[24] David Sánchez, et al. Ontology-based information content computation, 2011, Knowl. Based Syst.
[25] Shambhu J. Upadhyaya, et al. An alert fusion framework for situation awareness of coordinated multistage attacks, 2005, Third IEEE International Workshop on Information Assurance (IWIA'05).
[26] Ludovic Mé, et al. A Language Driven Intrusion Detection System for Event and Alert Correlation, 2004.
[27] Hervé Debar, et al. M2D2: A Formal Data Model for IDS Alert Correlation, 2002, RAID.
[28] Hervé Debar, et al. The Intrusion Detection Message Exchange Format (IDMEF), 2007, RFC.
[29] Mahdi Aiash, et al. Toward an Efficient Ontology-Based Event Correlation in SIEM, 2016, ANT/SEIT.
[30] A. Tversky. Features of Similarity, 1977.
[31] Wenke Lee, et al. Attack plan recognition and prediction using causal networks, 2004, 20th Annual Computer Security Applications Conference.
[32] Steven J. Templeton, et al. A requires/provides model for computer attacks, 2001, NSPW '00.