Practical Unix and Internet security (2nd ed.)
Practical Unix and Internet security (2nd ed.)
Tripwire: a case study in integrity monitoring
Internet besieged
NetSTAT: A Network-Based Intrusion Detection Approach
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
A Sense of Self for Unix Processes
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Network security via reverse engineering of TCP code: vulnerability analysis and proposed solutions
IEEE Network: The Magazine of Global Internetworking
Natural language processing for information assurance and security: an overview and implementations
Proceedings of the 2000 workshop on New security paradigms
Ontology in information security: a useful theoretical foundation and methodological tool
Proceedings of the 2001 workshop on New security paradigms
Scalable, graph-based network vulnerability analysis
Proceedings of the 9th ACM conference on Computer and communications security
Constructing attack scenarios through correlation of intrusion alerts
Proceedings of the 9th ACM conference on Computer and communications security
Learning attack strategies from intrusion alerts
Proceedings of the 10th ACM conference on Computer and communications security
Techniques and tools for analyzing intrusion alerts
ACM Transactions on Information and System Security (TISSEC)
Managing attack graph complexity through visual hierarchical aggregation
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
A Comprehensive Approach to Intrusion Detection Alert Correlation
IEEE Transactions on Dependable and Secure Computing
Hypothesizing and reasoning about attacks missed by intrusion detection systems
ACM Transactions on Information and System Security (TISSEC)
On deriving unknown vulnerabilities from zero-day polymorphic and metamorphic worm exploits
Proceedings of the 12th ACM conference on Computer and communications security
Principles-driven forensic analysis
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
A framework for establishing, assessing, and managing trust in inter-organizational relationships
Proceedings of the 3rd ACM workshop on Secure web services
Modeling network intrusion detection alerts for correlation
ACM Transactions on Information and System Security (TISSEC)
Improving the quality of alerts and predicting intruder's next goal with Hidden Colored Petri-Net
Computer Networks: The International Journal of Computer and Telecommunications Networking
Attack profiles to derive data observations, features, and characteristics of cyber attacks
Information-Knowledge-Systems Management
MulVAL: a logic-based network security analyzer
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Large-scale collection and sanitization of network security data: risks and challenges
NSPW '06 Proceedings of the 2006 workshop on New security paradigms
Forensic analysis of logs: Modeling and verification
Knowledge-Based Systems
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
BotHunter: detecting malware infection through IDS-driven dialog correlation
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Two alternatives for handling preferences in qualitative choice logic
Fuzzy Sets and Systems
An OVAL-based active vulnerability assessment system for enterprise computer networks
Information Systems Frontiers
Case-oriented alert correlation
WSEAS Transactions on Computers
Real-Time Alert Correlation with Type Graphs
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Alert correlation survey: framework and techniques
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Multi-step attack modelling and simulation (MsAMS) framework based on mobile ambients
Proceedings of the 2009 ACM symposium on Applied Computing
Attacking the BitLocker Boot Process
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
A Scalable Approach to Full Attack Graphs Generation
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
Transactions on Computational Science IV
A logic-based model to support alert correlation in intrusion detection
Information Fusion
Processing intrusion detection alert aggregates with time series modeling
Information Fusion
A Formal Approach for the Forensic Analysis of Logs
Proceedings of the 2006 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the fifth SoMeT_06
Formal Technique for Discovering Complex Attacks in Computer Systems
Proceedings of the 2007 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the sixth SoMeT_07
Real-time alert correlation using stream data mining techniques
IAAI'08 Proceedings of the 20th national conference on Innovative applications of artificial intelligence - Volume 3
Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts
Computer Communications
Towards Modelling Information Security with Key-Challenge Petri Nets
NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Alert correlation by a retrospective method
ICOIN'09 Proceedings of the 23rd international conference on Information Networking
Evaluating MAPSec by marking attack graphs
Wireless Networks
Analyzing intensive intrusion alerts via correlation
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
A stochastic model for intrusions
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Towards identifying true threat from network security data
PAISI'07 Proceedings of the 2007 Pacific Asia conference on Intelligence and security informatics
Mining attack correlation scenarios based on multi-agent system
Proceedings of the 2007 conference on Human interface: Part I
On the use of different statistical tests for alert correlation: short paper
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Application of the pagerank algorithm to alarm graphs
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Algebra for capability based attack correlation
WISTP'08 Proceedings of the 2nd IFIP WG 11.2 international conference on Information security theory and practices: smart devices, convergence and next generation networks
Malware characterization through alert pattern discovery
LEET'09 Proceedings of the 2nd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
EVA: a framework for network analysis and risk assessment
LISA'09 Proceedings of the 23rd conference on Large installation system administration
Attack scenario recognition through heterogeneous event stream analysis
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Validating and restoring defense in depth using attack graphs
MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
NPSEC'05 Proceedings of the First international conference on Secure network protocols
Remodeling vulnerability information
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Computer Networks: The International Journal of Computer and Telecommunications Networking
Modeling active cyber attack for network vulnerability assessment
ISPA'06 Proceedings of the 2006 international conference on Frontiers of High Performance Computing and Networking
Requirements of information reductions for cooperating intrusion detection agents
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Integrating IDS alert correlation and OS-Level dependency tracking
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Supporting vulnerability awareness in autonomic networks and systems with OVAL
Proceedings of the 7th International Conference on Network and Services Management
Rule-based topological vulnerability analysis
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
An efficient and unified approach to correlating, hypothesizing, and predicting intrusion alerts
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
A planner-based approach to generate and analyze minimal attack graph
Applied Intelligence
An efficient forensic evidence collection scheme of host infringement at the occurrence time
ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
Toward hybrid attack dependency graphs
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Multi-layer episode filtering for the multi-step attack detection
Computer Communications
Analyzing multiple logs for forensic evidence
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Alert correlation using artificial immune recognition system
International Journal of Bio-Inspired Computation
A systematic process-model-based approach for synthesizing attacks and evaluating them
EVT/WOTE'12 Proceedings of the 2012 international conference on Electronic Voting Technology/Workshop on Trustworthy Elections
E-NIPS: an event-based network intrusion prediction system
ISC'07 Proceedings of the 10th international conference on Information Security
Limitation of honeypot/honeynet databases to enhance alert correlation
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Multi-stage attack detection algorithm based on hidden markov model
WISM'12 Proceedings of the 2012 international conference on Web Information Systems and Mining
A model-based survey of alert correlation techniques
Computer Networks: The International Journal of Computer and Telecommunications Networking
A stochastic model of attack process for the evaluation of security metrics
Computer Networks: The International Journal of Computer and Telecommunications Networking