[International paper] Providing SIEM systems with self-adaptation

Information Fusion, v.21, 2015, pp. 145-158

Suarez-Tangil, G., Palomar, E., Ribagorda, A., Sanz, I.

Abstract

Security information and event management (SIEM) is considered to be a promising paradigm to reconcile traditional intrusion detection processes along with most recent advances on artificial intelligence techniques in providing automatic and self-adaptive systems. However, classic management-related...

Open access (OA) type

GREEN

A paper that is freely available because the author has self-archived the published version, post-print, or pre-print in a public repository
