|
[1] F. Cuppens and R. Ortalo, “Lambda: A language to model a database for detection of attacks,” Proc. Recent Advances in Intrusion Detection, 3rd International Symposium, (RAID 2000), LNCS 1907, Springer-Verlag, Toulouse, France, Oct. 2000, pp. 197-216.
[2] S. T. Eckmann, G. Vigna, and R. A. Kemmerer, “STATL: an attack language for state-based intrusion detection,” Journal of Computer Security, vol. 10, no. 1-2, 2002, pp. 71-103.
[3] C. C. Lo, C.-C. Huang, and J. Ku, “A Cooperative Intrusion detection system framework for cloud computing networks,” Proc. 39th International Conference on Parallel Processing Workshops (ICPPW), Sept. 2010, pp. 280–284.
[4] H. L. Ren, N. Stakhanova, and A. Ghorbani, “An online adaptive approach to alert correlation,” Proc. 7th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Jul. 2010, pp. 153-172, doi: 10.1007.
[5] S. Roschke, C. Feng, and C. Meinel, “An extensible and virtualization compatible IDS management architecture,” Proc. Fifth International Conference on Information Assurance and Security, vol. 2, Aug. 2009: pp.130–134.
[6] B. Zhu and A. A. Ghorbani, “Alert correlation for extracting attack strategies,” International Journal of Network Security, vol. 3, no. 3, Nov. 2006, pp. 244–258.
[7] MIT Lincoln Laboratory, 2000 Darpa Intrusion Detection Scenario Specific Data Sets, 2000. Available: http://www.ll.mit.edu/mission/communications/cyber/CSTcorpora/ideval/data/
|