|
|