SCOPUS 정보 검색 플랫폼

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 3269, Issue , 2004, Pages 223-235

Decentralized publish-subscribe system to prevent coordinated attacks via alert correlation

(6) Garcia, Joaquin a Autrel, Fabien b Borrell, Joan a Castillo, Sergio a Cuppens, Frederic c Navarro, Guillermo a

a UNIVERSITAT AUTÒNOMA DE BARCELONA (Spain)

b ONERA (France)

c ECOLE DES MINES DE NANTES (France)

Author keywords

Alert Correlation; Intrusion Detection; Publish Subscribe Systems

Indexed keywords

DISTRIBUTED COMPUTER SYSTEMS; INTRUSION DETECTION; NETWORK ARCHITECTURE; OPEN SOURCE SOFTWARE;

ALERT CORRELATION; COOPERATIVE SCHEMES; COORDINATED ATTACK; DECENTRALIZED ARCHITECTURE; NETWORK RESOURCE; PUBLISH-SUBSCRIBE SYSTEMS; SECURE MULTICASTS; THIRD PARTIES;

MESSAGE PASSING;

EID: 35048819574 PISSN: 03029743 EISSN: 16113349 Source Type: Book Series
DOI: 10.1007/978-3-540-30191-2_18 Document Type: Article

Times cited : (18)

References (16)

1
- 24144460750
- Heterogeneous sensor correlation: A case study of live traffic analysis
- United States Military Academy, West Point, New York, USA, June
- D. Andersson, M. Fong, and A. Valdes. Heterogeneous sensor correlation: A case study of live traffic analysis. In 3rd Annual Information Assurance Workshop, United States Military Academy, West Point, New York, USA, June 2002.
- (2002) 3rd Annual Information Assurance Workshop
- Andersson, D.¹ Fong, M.² Valdes, A.³

2
- 35048867909
- Enhanced correlation in an intrusion detection process
- St Petersburg, Russia, September
- S. Benferhat, F. Autrel, and F. Cuppens. Enhanced correlation in an intrusion detection process. In Mathematical Methods, Models and Architecture for Computer Network Security (MMM-ACNS 2003), St Petersburg, Russia, September 2003.
- (2003) Mathematical Methods, Models and Architecture for Computer Network Security (MMM-ACNS 2003)
- Benferhat, S.¹ Autrel, F.² Cuppens, F.³

3
- 84922794799
- Managing alerts in a multi-intrusion detection environment
- New Orleans, Lousiana, December
- F. Cuppens. Managing alerts in a multi-intrusion detection environment. In 17th Annual Computer Security Applications Conference (ACSAC'01), New Orleans, Lousiana, December 2001.
- (2001) 17th Annual Computer Security Applications Conference (ACSAC'01)
- Cuppens, F.¹

4
- 10444226846
- Recognizing malicious intention in an intrusion detection process
- Santiago, Chile, October
- F. Cuppens, F. Autrel, A. Miège, and S. Benferhat. Recognizing malicious intention in an intrusion detection process. In Second International Conference on Hybrid Intelligent Systems (HIS'2002), Santiago, Chile, October 2002.
- (2002) Second International Conference on Hybrid Intelligent Systems (HIS'2002)
- Cuppens, F.¹ Autrel, F.² Miège, A.³ Benferhat, S.⁴

5
- 84867339043
- Alert correlation in a cooperative intrusion detection framework
- Oakland, USA
- F. Cuppens and A. Miège. Alert correlation in a cooperative intrusion detection framework. In IEEE Symposium on Security and Privacy, Oakland, USA, 2002.
- (2002) IEEE Symposium on Security and Privacy
- Cuppens, F.¹ Miège, A.²

6
- 0006002061
- A language to model a database for detection of attacks
- Toulouse, France
- F. Cuppens and R. Ortalo. LAMBDA: A language to model a database for detection of attacks. In Third International Workshop on the Recent Advances in Intrusion Detection (RAID'2000), Toulouse, France, 2000.
- (2000) Third International Workshop on the Recent Advances in Intrusion Detection (RAID'2000)
- Cuppens, F.¹ Ortalo Lambda, R.²

7
- 0004225165
- Intrusion detection message exchange format data model and extensible markup language (xml) document type definition
- January
- D. Curry, H. Debar, and B. Feinstein. Intrusion detection message exchange format data model and extensible markup language (xml) document type definition. Internet draft, January 2004.
- (2004) Internet Draft
- Curry, D.¹ Debar, H.² Feinstein, B.³

8
- 1542700226
- Model checking publish-subscribe systems
- Portland, Oregon, USA, May
- D. Garlan, S. Khersonsky, and J. S. Kim. Model checking publish-subscribe systems. In Proceedings of the 10th International SPIN Workshop, Portland, Oregon, USA, May, 2003.
- (2003) Proceedings of the 10th International SPIN Workshop
- Garlan, D.¹ Khersonsky, S.² Kim, J.S.³

9
- 33750816812
- Using root cause analysis to handle intrusion detection alarms
- October
- K. Julich. Using root cause analysis to handle intrusion detection alarms. ACM journal name, 2:111-136, October 2002.
- (2002) ACM Journal Name , vol.2 , pp. 111-136
- Julich, K.¹

10
- 2542600230
- PhD thesis, Technical University of Vienna, June
- C. Kruegel. Network Alertness - Towards an adaptive, collaborating Intrusion Detection System. PhD thesis, Technical University of Vienna, June 2002.
- (2002) Network Alertness - Towards An Adaptive, Collaborating Intrusion Detection System
- Kruegel, C.¹

11
- 84905400212
- Flexible, mobile agent based intrusion detection for dynamic networks
- Italy, February
- C. Kruegel and T. Toth. Flexible, mobile agent based intrusion detection for dynamic networks. In European Wireless, Italy, February 2002.
- (2002) European Wireless
- Kruegel, C.¹ Toth, T.²

12
- 1542281004
- M2D2: A formal data model for intrusion alarm correlation
- Zurich, Switzerland, October
- B. Morin, L. Mé, H. Debar, and M. Ducassé. M2D2: a formal data model for intrusion alarm correlation. In Proceedings of the 5th Recent Advances in Intrusion Detection (RAID2002), Zurich, Switzerland, October 2002.
- (2002) Proceedings of the 5th Recent Advances in Intrusion Detection (RAID2002)
- Morin, B.¹ Mé, L.² Debar, H.³ Ducassé, M.⁴

13
- 84958963784
- Analyzing intensive intrusion alerts via correlation
- Zurich, Switzerland, October
- P. Ning, Y. Cui, and D. S. Reeves. Analyzing intensive intrusion alerts via correlation. In Fifth International Symposium on Recent Advances in Intrusion Detection (RAID2002), pages 74-94, Zurich, Switzerland, October 2002.
- (2002) Fifth International Symposium on Recent Advances in Intrusion Detection (RAID2002) , pp. 74-94
- Ning, P.¹ Cui, Y.² Reeves, D.S.³

14
- 0002629036
- EMERALD: Event monitoring enabling responses to anomalous live disturbances
- October
- P. A. Porras and P. G. Neumann. EMERALD: Event monitoring enabling responses to anomalous live disturbances. In Proceedings of the 20th National Information Systems Security Conference, pages 353-365, October 1997.
- (1997) Proceedings of the 20th National Information Systems Security Conference , pp. 353-365
- Porras, P.A.¹ Neumann, P.G.²

15
- 0003256112
- Elvin has left the building: A publish/subscribe notification service with quenching
- Brisbane, September
- B. Segall and D. Arnold. Elvin has left the building: A publish/subscribe notification service with quenching. In Proceedings of the third annual technical conference of AUUG 1997, pages 243-255, Brisbane, September 1997.
- (1997) Proceedings of the Third Annual Technical Conference of AUUG 1997 , pp. 243-255
- Segall, B.¹ Arnold, D.²

16
- 0002473030
- DIDS (distributed intrusion detection system) - Motivation, architecture and an early prototype
- October
- S. R. Snapp, J. Brentano, G. V. Dias, T. L. Goan, L. T. Heberlein, C. Ho, K. N. Levitt, B. Mukherjee, S. E. Smaha, T. Grance, D. M. Teal, and D. Mansur. DIDS (distributed intrusion detection system) - motivation, architecture and an early prototype. In Proceedings 14th National Security Conference, pages 167-176, October, 1991.
- (1991) Proceedings 14th National Security Conference , pp. 167-176
- Snapp, S.R.¹ Brentano, J.² Dias, G.V.³ Goan, T.L.⁴ Heberlein, L.T.⁵ Ho, C.⁶ Levitt, K.N.⁷ Mukherjee, B.⁸ Smaha, S.E.⁹ Grance, T.¹⁰ Teal, D.M.¹¹ Mansur, D.¹²

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.