Integrating multiple information resources to analyze intrusion alerts
[1] Samuel T. King, et al. Enriching Intrusion Alerts Through Multi-Host Causality, 2005, NDSS.
[2] R. Jagannathan, et al. A prototype real-time intrusion-detection expert system, 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.
[3] Linda C. van der Gaag, et al. Properties of Sensitivity Analysis of Bayesian Belief Networks, 2002, Annals of Mathematics and Artificial Intelligence.
[4] Peng Ning, et al. Privacy-preserving alert correlation: a concept hierarchy based approach, 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).
[5] Marek J. Druzdzel, et al. Efficient Reasoning in Qualitative Probabilistic Networks, 1993, AAAI.
[6] Barak A. Pearlmutter, et al. Detecting intrusions using system calls: alternative data models, 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).
[7] Michael P. Wellman. Fundamental Concepts of Qualitative Probabilistic Networks, 1990, Artif. Intell.
[8] Peng Ning, et al. Building Attack Scenarios through Integration of Complementary Alert Correlation Method, 2004, NDSS.
[9] Alfonso Valdes, et al. A Mission-Impact-Based Approach to INFOSEC Alarm Correlation, 2002, RAID.
[10] R. Sekar, et al. A fast automaton-based method for detecting anomalous program behaviors, 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.
[11] Hervé Debar, et al. M2D2: A Formal Data Model for IDS Alert Correlation, 2002, RAID.
[12] Somesh Jha, et al. Automated generation and analysis of attack graphs, 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[13] Frédéric Cuppens, et al. LAMBDA: A Language to Model a Database for Detection of Attacks, 2000, Recent Advances in Intrusion Detection.
[14] Stuart Staniford-Chen, et al. Practical Automated Detection of Stealthy Portscans, 2002, J. Comput. Secur.
[15] Giovanni Vigna, et al. STATL: An Attack Language for State-Based Intrusion Detection, 2002, J. Comput. Secur.
[16] Alfonso Valdes, et al. Probabilistic Alert Correlation, 2001, Recent Advances in Intrusion Detection.
[17] Judea Pearl, et al. Fusion, Propagation, and Structuring in Belief Networks, 1986, Artif. Intell.
[18] Michael Luby, et al. Approximating Probabilistic Inference in Bayesian Belief Networks is NP-Hard, 1993, Artif. Intell.
[19] Finn V. Jensen, et al. Bayesian Networks and Decision Graphs, 2001, Statistics for Engineering and Information Science.
[20] Wenke Lee, et al. Statistical Causality Analysis of INFOSEC Alert Data, 2003, RAID.
[21] David A. Wagner, et al. Intrusion detection via static analysis, 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.
[22] Gregory F. Cooper, et al. Probabilistic inference in multiply connected belief networks using loop cutsets, 1990, Int. J. Approx. Reason.
[23] S. Martello, et al. Algorithms for Knapsack Problems, 1987.
[24] David J. Spiegelhalter, et al. Local computations with probabilities on graphical structures and their application to expert systems, 1990.
[25] Robert K. Cunningham, et al. Fusing A Heterogeneous Alert Stream Into Scenarios, 2002, Applications of Data Mining in Computer Security.
[26] Linda C. van der Gaag, et al. Monotonicity in Bayesian Networks, 2004, UAI.
[27] Frédéric Cuppens, et al. Alert correlation in a cooperative intrusion detection framework, 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[28] Peng Ning, et al. A Flexible Approach to Intrusion Alert Anonymization and Correlation, 2006, 2006 Securecomm and Workshops.
[29] Robert K. Cunningham, et al. Building Scenarios from a Heterogeneous Alert Stream, 2001.
[30] Duminda Wijesekera, et al. Scalable, graph-based network vulnerability analysis, 2002, CCS '02.
[31] Adnan Darwiche, et al. A distance measure for bounding probabilistic belief change, 2002, Int. J. Approx. Reason.
[32] Martin Roesch, et al. Snort - Lightweight Intrusion Detection for Networks, 1999.
[33] Vern Paxson, et al. Bro: a system for detecting network intruders in real-time, 1998, Comput. Networks.
[34] Hervé Debar, et al. Aggregation and Correlation of Intrusion-Detection Alerts, 2001, Recent Advances in Intrusion Detection.
[35] Richard A. Kemmerer, et al. State Transition Analysis: A Rule-Based Intrusion Detection Approach, 1995, IEEE Trans. Software Eng.
[36] Anup K. Ghosh, et al. Detecting anomalous and unknown intrusions against programs, 1998, Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217).
[37] Stephanie Forrest, et al. A sense of self for Unix processes, 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.
[38] Karl N. Levitt, et al. Execution monitoring of security-critical programs in distributed systems: a specification-based approach, 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).
[39] Vitaly Shmatikov, et al. Privacy-Preserving Sharing and Correlation of Security Alerts, 2004, USENIX Security Symposium.
[40] Gunar E. Liepins, et al. Detection of anomalous computer session activity, 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.
[41] Stuart Staniford-Chen, et al. Holding intruders accountable on the Internet, 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.
[42] Enrique F. Castillo, et al. Sensitivity analysis in discrete Bayesian networks, 1997, IEEE Trans. Syst. Man Cybern. Part A.
[43] Klaus Julisch, et al. Mining alarm clusters to improve alarm handling efficiency, 2001, Seventeenth Annual Computer Security Applications Conference.
[44] Gregory F. Cooper, et al. The Computational Complexity of Probabilistic Inference Using Bayesian Belief Networks, 1990, Artif. Intell.
[45] Peng Ning, et al. Reasoning about complementary intrusion evidence, 2004, 20th Annual Computer Security Applications Conference.
[46] R. Sekar, et al. Specification-based anomaly detection: a new approach for detecting network intrusions, 2002, CCS '02.
[47] Peng Ning, et al. Constructing attack scenarios through correlation of intrusion alerts, 2002, CCS '02.
[48] Steven J. Templeton, et al. A requires/provides model for computer attacks, 2001, NSPW '00.
[49] David Pisinger, et al. Algorithms for Knapsack Problems, 1995.
[50] Marc Dacier, et al. Mining intrusion detection alarms for actionable knowledge, 2002, KDD.
[51] Frédéric Cuppens, et al. Managing alerts in a multi-intrusion detection environment, 2001, Seventeenth Annual Computer Security Applications Conference.