[1]ENDSLEY M R. Design and evaluation for situation awareness enhancement [C]// Proceeding of the 32nd Human Factors Society Annual Meeting. Santa Monica: Human Factors and Ergonomics Society, 1988: 97-101.[2]BASS T, ARBOR A. Multisensor data fusion for next generation dis-tributed intrusion detection systems [C]// Proceeding of IRIS National Symposium on Sensor and Data Fusion. Laurel, MD: [s.n.], 1999: 24-27.[3]JAJODIA S, NOEL S, O'BERRY B. Topological analysis of network attack vulnerability [M]// KUMAR V, SRIVASTAVA J, LAZAREVIC A. Managing Cyber Threats: Issues, Approaches and Challenges. Dordrecht: Kluwer Academic Publisher, 2005: 247-266.[4]WANG LINGYU, SINGHAL A, JAJODIA S. Measuring network security using attack graphs [C]// Proceedings of the 2007 ACM Workshop on Quality of Protection. New York: ACM Press, 2007: 49-54.[5]WANG LINGYU, SINGHAL A, JAJODIA S. Measuring the overall security of network configurations using attack graphs [C]// Proceedings of the 21st IFIP WG 11.3Working Conference on Data and Applications Security. Berlin: Springer-Verlag, 2007: 98-112.[6]NING PENG, CUI YUN, REEVES D S, et al. Techniques and tools for analyzing intrusion alerts [J]. ACM Transactions on Information and System Security, 2004, 7(2): 274-318.[7]XU DINGBANG, NING PENG. Alert correlation though trigger event and common resource [C]// Proceedings of the 20th Annual Computer Security Applications Conference. Washington, DC: IEEE Computer Society, 2004: 360-369.[8]BARFORD P, CHEN YAN, GOYAL A, et al. Employing honeynets for network situational awareness [C]// Proceedings of the Fourth Workshop on Hot Topics in Networks. Berlin: Springer-Verlag, 2005: 71-102.[9]THONNARD O, DACIER M. A framework for attack patterns' discovery in honeynet data [C]// Proceeding of the 8th Digital Forensics Research Conference. Baltimore: [s.n.], 2008: S128-S139.[10]王娟,张凤荔,傅翀,等.网络态势感知中的指标体系研究[J].计算机应用,2007,27(8):1907-1909.[11]陈秀真,郑庆华,管晓宏,等.层次化网络安全威胁态势量化评估方法[J].软件学报,2006,17(4):885-897.[12]WASSERKRUG S, ETZION O, GAL A. Inference and prediction of uncertain events in active systems: A language and execution model [EB/OL]. [2011-04-25]. http://ftp.informatik.rwth-aachen.de/Publications/CEUR-WS/Vol-76/wasserkrug.pdf.[13]GAL A. Managing uncertainty in schema matching with top-k schema mappings [J]. Journal on Data Semantics VI, 2006, 4090: 90-114.[14]OXENHAM M, CHALLA S, MORELANDE M. Fusion of disparate identity estimates for shared situation awareness in a network-centric environment [J]. Information Fusion, 2006, 7(4): 395-417.[15]HOLSOPPLE J, YANG S J, SUDIT M. TANDI: Threat assessment of network data and information [EB/OL]. [2011-04-20]. https://ritdml.rit.edu/handle/1850/10737.[16]SABATA B, ORNES C. Multi-source evidence fusion for cyber-situation assessment [C]// Proceedings of Multisensor, Multisource Information Fusion Conference. Bellingham: SPIE, 2006: 1-9.[17]李伟生,王宝树.基于贝叶斯网络的态势评估[J].系统工程与电子技术,2003,25(4):480-483.[18]ARNES A, VALEUR F, VIGNA G, et al. Using hidden Markov models to evaluate the risks of intrusions [C]// Proceedings of the 9th Symposium on Recent Advances in Intrusion Detection, LNCS 4219. Berlin: Springer-Verlag, 2006: 145-164.[19]ARNES A, SALLHAMMAR K, HASLUM K, et al. Real-time risk assessment with network sensors and intrusion detection systems [C]// Proceeding of 2005 International Conference on Computational Intelligence and Security, LNCS 3802. Berlin: Springer-Verlag, 2005: 388-397.[20]OURSTON D, MATZNER S, STUMP W, et al. Applications of hidden Markov models to detecting multi-stage network attacks [C]// Proceedings of the 36th Hawaii International Conference on System Sciences. Washington, DC: IEEE Computer Society, 2003: 334.2.[21]QU ZHAO-YANG, LI YA-YING, LI PENG. A network security situation evaluation method based on D-S evidence theory [C]// Proceedings of the 2010 International Conference on Environmental Science and Information Application Technology. Washington, DC: IEEE Computer Society, 2010: 496-499.[22]徐晓辉,刘作良.基于D-S证据理论的态势评估方法[J].电光与控制,2005,12(5):36-37.[23]RAO N P, KASHYAP S K, GIRIJA G. Situation assessment in air combat: A fuzzy-Bayesian hybrid approach [C]// Proceedings of 2008 International Conference on Aerospace Science and Technology. Bangalore: [s.n.], 2008: 26-28.[24]李伟生,王宝树.基于模糊逻辑和D-S证据理论的一种态势估计方法[J].系统工程与电子技术,2003,25(10):1278-1280.[25]任伟,蒋兴浩,孙锬锋.基于RBF神经网络的网络安全态势预测方法[J].计算机工程与应用,2006,42(31):136-138.[26]LAI JIBAO, WANG HUIQIANG, LIU XIAOWU, et al. A quantitative prediction method of network security situation based on wavelet neural network [C]// Proceedings of the First International Symposium on Data, Privacy, and E-Commerce. Washington, DC: IEEE Computer Society, 2007: 197-202.[27]张翔,胡昌振,刘胜航,等.基于支持向量机的网络攻击态势预测技术研究[J].计算机工程,2007,33(11):10-12.[28]王娟.大规模网络安全态势感知关键技术研究[D].成都:电子科技大学,2010.[29]龚正虎,卓莹.网络态势感知研究[J].软件学报,2010,21(7):1605-1619.[30]王慧强.网络安全态势感知研究新进展[J].大庆师范学院学报,2010,30(3):1-8.[31]RABINER L R. A tutorial on hidden Markov models and selected applications in speech recognition [J]. Proceedings of the IEEE, 1989, 77(2): 257-286.[32]ADI A, BOTZER D, ETZION O. The situation manager compo-nent of Amit — Active middleware technology [C]// Proceedings of the 5th International Workshop on Next Generation Information Technologies and Systems. Berlin: Springer-Verlag, 2002: 158-168.[33]VALEUR F. Real time intrusion detection alert correlation [D]. Santa Barbara: University of California, 2006.[34]ZHAI YAN. Integrating multiple information resources to analyzing intrusion alerts [D]. Raleigh: North Carolina State University, 2006.[35]PORRAS P A, FONG M W, VALDES A. A mission-impact-based approach to INFOSEC alarm correlation [C]// Proceedings of the 5th International Symposium on Recent Advances in Intrusion Detection. Berlin: Springer-Verlag, 2002: 95-114.[36]MORIN B, M L, DEBAR H, et al. M2D2: A formal data model for IDS alert correlation [C]// Proceedings of the International Symposium on Recent Advances in Intrusion Detection. Berlin: Springer-Verlag, 2002: 115-137.[37]SMITH D, SINGH S. Approaches to multisensor data fusion in target tracking: A survey [J]. IEEE Transactions on Knowledge and Data Engineering, 2006, 18(12): 1696-1710.[38]HINMAN M L. Some computational approaches for situation assessment and impact assessment [C]// Proceedings of the Fifth International Conference on Information Fusion. Washington, DC: IEEE Computer Society, 2002: 687-693.[39]OXENHAM M, CHALLA S, MORELANDE M. Fusion of disparate identity estimates for shared situation awareness in a network-centric environment [J]. Information Fusion, 2006, 7(4): 395-417.[40]IVANSSON J. Situation assessment in a stochastic environment using Bayesian networks [D]. Linkping: Linkping University, 2002.[41]JAJODIA S, LIU P, SWARUP V, et al. Cyber situation aware-ness: Issue and research (advanced in information security) [M]. Berlin: Springer-Verlag, 2009.[42]LIGGINS M E, HALL D L, LLINAS J. Handbook of multi-sensor data fusion: Theory and practice [M]. Boca Raton: CRC Press, 2009.[43]RAOL J R. Multi-sensor data fusion: Theory and practice [M]. Boca Raton: CRC Press, 2009. |