[1] |
李祉岐,黄金垒,王义功,等. 入侵告警信息聚合与关联技术综述[J]. 计算机应用与软件, 2019,36(4):286-294.
|
[2] |
胥小波,蒋琴琴,郑康锋,等. 基于混沌粒子群的IDS告警聚类算法[J]. 通信学报, 2013,34(3):105-110.
|
[3] |
胡亮,解男男,努尔布力,等. 基于智能规划的多步攻击场景识别算法[J]. 电子学报, 2013,41(9):1753-1759.
|
[4] |
解男男. 机器学习方法在入侵检测中的应用研究[D]. 长春:吉林大学, 2015.
|
[5] |
李思达. IDS告警信息关联分析系统的研究与实现[D]. 北京:北京邮电大学, 2018.
|
[6] |
努尔布力,解男男,陈飞彦,等. 一种基于条件随机场的入侵检测误报滤除方法[J]. 中国科技论文, 2012,7(10):757-761.
|
[7] |
〖JP+2〗NJOGU H W, LUO J W, KIERE J N. Network specific vulnerability based alert reduction approach[J]. Security and Communication Networks, 2013,6(1):15-27.
|
[8] |
〖JP+2〗VALDES A, SKINNER K. Probabilistic alert correlation[M]// International Workshop on Recent Advances in Intrusion Detection. Springer Berlin Heidelberg, 2001:54-68.
|
[9] |
黄林,吴志杰,黄晓芳,等. 一种改进的多源异构告警聚合方案[J]. 计算机应用研究, 2014,31(2):579-582.
|
[10] |
李洪成,吴晓平. 基于自扩展时间窗的告警多级聚合与关联方法[J]. 工程科学与技术, 2017,49(1):206-212.
|
[11] |
GHASEMIGOL M, GHAEMI-BAFGHI A. E-correlator: An entropy-based alert correlation system[J]. Security and Communication Networks, 2015,8(5):822-836.
|
[12] |
LIANG W, CHEN Z, WEN Y, et al. An alert fusion method based on grey relation and attribute similarity correlation[J]. International Journal of Online and Biomedical Engineering, 2016,12(8):25-30.
|
[13] |
AHMED T, SIRAJ M M, ZAINAL A, et al. A taxonomy on intrusion alert aggregation techniques[C]// Proceedings of the 2014 International Symposium on Biometrics and Security Technologies. 2014:244-249.
|
[14] |
〖KG-*3〗〖JP2〗DEALVARENGA S C, BARBON JR S, MIANI R S, et al. Process mining and hierarchical clustering to help intrusion alert visualization[J]. Computers & Security, 2018,73:474-491.
|
[15] |
郭春. 基于数据挖掘的网络入侵检测关键技术研究[D]. 北京:北京邮电大学, 2014.
|
[16] |
LU X G, DU X H, WANG W J. An alert aggregation algorithm based on k-means and genetic algorithm[C]// Proceedings of the 2nd International Conference on Artificial Intelligence Applications and Technologies. 2018, DOI: 10.1088/1757-899X/435/1/012031.
|
[17] |
白鹏翔,张清华,段富,等 基于模糊规则的免疫算法在网络入侵中的应用[J].计算机工程与设计, 2015,36(12):3246-3249.
|
[18] |
OLABELURIN A, VELURU S, HEALING A, et al. Entropy clustering approach for improving forecasting in DDoS attacks[C]// Proceedings of the 2015 IEEE 12th International Conference on Networking, Sensing and Control. 2015:315-320.
|
[19] |
THATTE G, MITRA U, HEIDEMANN J. Parametric methods for anomaly detection in aggregate traffic[J]. IEEE/ACM Transactions on Networking, 2011,19(2):512-525.
|
[20] |
夏秦,王志文,卢柯. 入侵检测系统利用信息熵检测网络攻击的方法[J]. 西安交通大学学报, 2013,47(2):14-19.
|
[21] |
刘威歆,郑康锋,武斌,等. 基于攻击图的多源告警关联分析方法[J]. 通信学报, 2015,36(9):135-144.
|
[22] |
RAMAKI A A, AMINI M, ATANI R E. RTECA: Real time episode correlation algorithm for multi-step attack scenarios detection[J]. Computers & Security, 2015,49:206-219.
|
[23] |
朱梦影. 入侵检测系统报警关联技术研究[D]. 沈阳:沈阳航空航天大学, 2014.
|
[24] |
牛国林,管晓宏,龙毅,等. 多源流量特征分析方法及其在异常检测中的应用[J]. 解放军理工大学学报(自然科学版), 2009,10(4):350-355.
|
[25] |
MIT Lincoln Laboratory. 2000 DARPA Intrusion Detection Scenario Specific Datasets[DB/OL]. (2000-07-20)[2019-09-16]. http://www.ll.mit.edu/r-d/datasets/2000-darpa-intrusion-detection-scenario-specific-datasets.
|