[1] M. Roesch, “Snort: Lightweight Intrusion Detection for Networks,” Proceedings of the 1999 USENIX LISA Conference, Seattle, WA, November 7–12, 1999, pp. 229–238.

[2] O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J. Wing, “Automated Generation and Analysis of Attack Graphs,” Proceedings of the 2002 IEEE Symposium on Security and Privacy (S&P’02), 2002, pp. 273–284.

[3] P. Ammann, D. Wijesekera, and S. Kaushik, “Scalable, Graph-Based Network Vulnerability Analysis,” Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS’02), Washington, DC, 2002, pp. 217–224.

[4] S. Noel, S. Jajodia, B. O’Berry, and M. Jacobs, “Efficient Minimum-Cost Network Hardening via Exploit Dependency Graphs,” Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC’03), Las Vegas, NV, 2003, pp. 86–95.

[5] L. Wang, S. Noel, and S. Jajodia, “Minimum-Cost Network Hardening Using Attack Graphs,” Computer Communications 29, No. 18, November 2006, pp. 3812–3824.

[6] L. Wang, A. Liu, and S. Jajodia, “An Efficient and Unified Approach to Correlating, Hypothesizing, and Predicting Intrusion Alerts,” Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS 2005), 2005, pp. 247–266.

[7] L. Wang, A. Liu, and S. Jajodia, “Using Attack Graphs for Correlating, Hypothesizing, and Predicting Intrusion Alerts,” Computer Communications 29, No. 15 (2006): 2917–2933.

[8] F. Cuppens, “Managing Alerts in a Multi-Intrusion Detection Environment,” Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC’01), New Orleans, Louisiana, 2001, p. 22.

[9] O. Dain and R. Cunningham, “Building Scenarios from a Heterogeneous Alert Stream,” Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, 2001, pp. 231–235.

[10] S. Staniford, J. Hoagland, and J. McAlerney, “Practical Automated Detection of Stealthy Portscans,” Journal of Computer Security 10, No. 1/2 (2002): 105–136.

[11] A. Valdes and K. Skinner, “Probabilistic Alert Correlation,” Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection, 2001, pp. 54–68.

[12] K. Julisch and M. Dacier, “Mining Intrusion Detection Alarms for Actionable Knowledge,” Proceedings of the Eighth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, Edmonton, Canada, 2002, pp. 366–375.

[13] X. Qin and W. Lee, “Statistical Causality Analysis of INFOSEC Alert Data,” Proceedings of the 6th International Symposium on Recent Advances in Intrusion Detection (RAID 2003), 2003, pp. 591–627.

[14] O. Dain and R. Cunningham, “Fusing a Heterogeneous Alert Stream into Scenarios,” Proceedings of the ACM Workshop on Data Mining for Security Applications, 2001, pp. 1–13.

[15] H. Debar and A. Wespi, “Aggregation and Correlation of Intrusion-Detection Alerts,” Proceedings of the 3rd International Symposium on Recent Advances in Intrusion Detection (RAID’01), 2001, pp. 85–103.

[16] F. Cuppens and R. Ortalo, “LAMBDA: A Language to Model a Database for Detection of Attacks,” Proceedings of the 3rd International Symposium on Recent Advances in Intrusion Detection (RAID’01), 2001, pp. 197–216.

[17] S. Eckmann, G. Vigna, and R. Kemmerer, “STATL: An Attack Language for State-Based Intrusion Detection,” Journal of Computer Security 10, No. 1/2 (2002): 71–104.

[18] S. Templeton and K. Levitt, “A Requires/Provides Model for Computer Attacks,” Proceedings of the 2000 New Security Paradigms Workshop (NSPW’00), 2000, pp. 31–38.

[19] F. Cuppens and A. Miege, “Alert Correlation in a Cooperative Intrusion Detection Framework,” Proceedings of the 2002 IEEE Symposium on Security and Privacy (S&P’02), 2002, pp. 187–200.

[20] P. Ning, Y. Cui, and D. Reeves, “Constructing Attack Scenarios through Correlation of Intrusion Alerts,” Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS’02), Washington, DC, 2002, pp. 245–254.

[21] P. Ning and D. Xu, “Learning Attack Strategies from Intrusion Alerts,” Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS’03), Washington, DC, 2003, pp. 200–209.

[22] X. Qin and W. Lee, “Discovering Novel Attack Strategies from INFOSEC Alerts,” Proceedings of the 9th European Symposium on Research in Computer Security (ESORICS 2004), 2004, pp. 439–456.

[23] D. Xu and P. Ning, “Alert Correlation through Triggering Events and Common Resources,” Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC’04), Tucson, Arizona, 2004, pp. 360–369.

[24] Y. Zhai, P. Ning, and J. Xu, “Integrating IDS Alert Correlation and OS-Level Dependency Tracking,” IEEE International Conference on Intelligence and Security Informatics (ISI 2006), San Diego, CA, 2006, pp. 272–284.

[25] I. Ray and N. Poolsappasit, “Using Attack Trees to Identify Malicious Attacks from Authorized Insiders,” Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS’05), 2005, pp. 231–246.

[26] R. Chinchani, A. Iyer, H. Ngo, and S. Upadhyay, “Towards a Theory of Insider Threat Assessment,” Proceedings of the IEEE International Conference on Dependable Systems and Networks (DSN’05), Yokohama, Japan, 2005, pp. 108–117.

[27] D. Farmer and E. Spafford, “The COPS Security Checker System,” USENIX Summer, 1990, pp. 165–170.

[28] D. Zerkle and K. Levitt, “Netkuang: A Multi-Host Configuration Vulnerability Checker,” Proceedings of the 6th USENIX Security Symposium (USENIX’96), 1996.

[29] C. Phillips and L. Swiler, “A Graph-Based System for Network-Vulnerability Analysis,” Proceedings of the New Security Paradigms Workshop (NSPW’98), 1998, pp. 71–79.

[30] M. Dacier, “Towards Quantitative Evaluation of Computer Security,” Ph.D. Thesis, Institut National Polytechnique de Toulouse, Toulouse, France, 1994.

[31] R. Ortalo, Y. Deswarte, and M. Kaaniche, “Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security,” IEEE Trans. Software Eng. 25, No. 5 (1999): 633–650.

[32] R. Ritchey and P. Ammann, “Using Model Checking to Analyze Network Vulnerabilities,” Proceedings of the 2000 IEEE Symposium on Research on Security and Privacy (S&P’00), 2000, pp. 156–165.

[33] C. Ramakrishnan and R. Sekar, “Model-Based Analysis of Configuration Vulnerabilities,” Journal of Computer Security 10, No. 1/2 (2002): 189–209.

[34] S. Jha, O. Sheyner, and J. Wing, “Two Formal Analyses of Attack Graphs,” Proceedings of the 15th Computer Security Foundation Workshop (CSFW’02), 2002, pp. 49–63.

[35] S. Jajodia, S. Noel, and B. O’Berry, “Topological Analysis of Network Attack Vulnerability,” in Managing Cyber Threats: Issues, Approaches and Challenges, edited by V. Kumar, J. Srivastava, and A. Lazarevic (Boston: Kluwer Academic Publisher, 2003).

[36] OSSIM, “Open Source Security Information Management,” at http://www.ossim.net.

[37] A. Turner, “Tcpreplay: Pcap Editing and Replay Tools for *nix,” at http://tcpreplay.sourceforge.net/.

[38] DARPA, “2000 DARPA Intrusion Detection Evaluation Data Sets,” at http://www.ll.mit.edu/IST/ideval/data/2000/2000dataindex.html.

[39] Treasurehunt, “Treasure Hunt Data Sets,” at http://www.cs.ucsb.edu/~vigna/treasurehunt/index.html.

[40] P. Ning and D. Xu, “Adapting Query Optimization Techniques for Efficient Intrusion Alert Correlation,” Technical report, North Carolina State University, Department of Computer Science, 2002.
