The authors describe the first experimental validation of correlation systems with the goal of assessing the overall progress in the field. Their experiment set out to measure the collective ability of correlators to recognize cyber attacks and designate their targets.